A vulnerability was found in aio-libs aiohttp up to 3.13.3 . It has been rated as problematic . Affected by this issue is the function client_max_size of the component Multipart Form Handler . Performing a manipulation results in allocation of resources. This vulnerability is known as CVE-2026-34517 . Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.