A vulnerability labeled as critical has been found in Mastodon up to 4.5.9 . The affected element is an unknown function of the component TCP Connection Handler . Such manipulation leads to incomplete blacklist. This vulnerability is traded as CVE-2026-47389 . The attack may be launched remotely. There is no exploit available. The affected component should be upgraded.