Next AI Draw.io Unbounded HTTP Body Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in Next AI Draw.io versions prior to 0.4.15. The issue arises in the embedded HTTP sidecar, which contains three POST handlers that process incoming requests by accumulating the entire request body into a JavaScript string without any size limitations. This unbounded accumulation allows for the possibility of sending excessively large payloads, such as 500 MiB or more, which can exhaust the process heap memory. The result is an Out-of-Memory error that crashes the MCP server, disrupting active user sessions and causing the loss of unsaved diagram states.

Impact

Exploitation of this vulnerability crashes the MCP server process, disrupting the user's active diagram session and causing the loss of any unsaved diagram state. In an automated agent pipeline, a crashed MCP server can block the entire workflow.

Reproduction

The vulnerability can be reproduced against a build that does not yet enforce the newly implemented 10MB limit by sending a large POST request to one of the affected API endpoints (/api/state, /api/restore, or /api/history-svg). A script that sends a payload larger than 500MB exhausts the server's heap and crashes the process.

Remediation

Users can update to Next AI Draw.io version 0.4.15 or later, where this vulnerability has been fixed. For those using the MCP server, it's recommended to enforce a maximum body size limit in each POST handler before processing the request. This can be done by replacing the existing body accumulation logic with a version that checks the payload size and responds with a 413 status code if the limit is exceeded.

Added: Apr 21, 2026, 7:42 PM
Updated: Apr 21, 2026, 7:42 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 4.3
remediation: 0.0
relevance: 6.4
threat: 4.8
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.