CVE-2026-32811 Heimdall: Path received via Envoy gRPC corrupted when containing query string

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. When using Heimdall in envoy gRPC decision API mode with versions 0.7.0-alpha through 0.17.10, wrong encoding of the query URL string allows rules with non-wildcard path expressions to be bypassed. Envoy splits t...

Heimdall 安全漏洞

Heimdall is an open-source application panel and launcher developed by LinuxServer.io. Versions of Heimdall prior to 0.17.10 contained security vulnerabilities. These vulnerabilities were caused by errors in encoding URL strings, which could lead to rule bypasses...