Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/01/15 5:22 p.m.2 views

CVE-2026-22779

BlackSheep is an asynchronous web framework to build event based web applications with Python. Prior to 2.4.6, the HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new...

6.3CVSS6.5AI score0.00052EPSS
Exploits0References1
NVD
NVDadded 2026/01/14 5:16 p.m.2 views

CVE-2026-22779

BlackSheep is an asynchronous web framework to build event based web applications with Python. Prior to 2.4.6, the HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new...

6.3CVSS0.00052EPSS
Exploits0References3
Snyk
Snykadded 2026/01/14 4:52 p.m.4 views

HTTP Response Splitting

Overview blacksheep is a Fast web framework for Python asyncio Affected versions of this package are vulnerable to HTTP Response Splitting via the Client implementation. An attacker can manipulate HTTP requests or inject additional headers by supplying specially input containing carriage return a...

6.9CVSS6.8AI score0.00052EPSS
Exploits0References3
CVE
CVEadded 2026/01/14 4:49 p.m.8 views

CVE-2026-22779

Summary of public details (CVE-2026-22779) : BlackSheep, a Python asynchronous web framework, has a vulnerable HTTP Client implementation prior to version 2.4.6. The root cause is missing validation of headers, enabling CRLF injection that can modify existing HTTP requests or create new ones when...

6.3CVSS6.2AI score0.00052EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/01/14 4:49 p.m.1 views

CVE-2026-22779

BlackSheep is an asynchronous web framework to build event based web applications with Python. Prior to 2.4.6, the HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new...

6.3CVSS5.6AI score0.00052EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2026/01/14 4:49 p.m.19 views

CVE-2026-22779 BlackSheep ClientSession is vulnerable to CRLF injection

BlackSheep is an asynchronous web framework to build event based web applications with Python. Prior to 2.4.6, the HTTP Client implementation in BlackSheep is vulnerable to CRLF injection. Missing headers validation makes it possible for an attacker to modify the HTTP requests e.g. insert a new...

6.3CVSS0.00052EPSS
Exploits0References3
CNNVD
CNNVDadded 2026/01/14 12:0 a.m.2 views

BlackSheep 注入漏洞

BlackSheep is an open source web application framework from Neoteroi. BlackSheep version 2.4.6 before the injection vulnerability , the vulnerability stems from the HTTP client-side implementation of the lack of header validation , which could lead to an attacker to modify the HTTP request or...

6.3CVSS6.9AI score0.00052EPSS
Exploits0References4
Rows per page
Query Builder