CVE 2021-26528

The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool.

See the CVE page on Mitre.org for more details.