A vulnerability was found in netty netty-codec-http and netty-codec-http2 and classified as problematic . This vulnerability affects unknown code. The manipulation of the argument maxAllocation results in resource consumption. This vulnerability is identified as CVE-2026-42587 . The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.