2 matches found
CVE-2026-44214
CVE-2026-44214 concerns eventsource-encoder where unsanitized event and id fields can inject SSE line terminators, enabling forged SSE fields/messages. Affects versions prior to 1.0.2; patch released in 1.0.2 that validates/escapes those fields. Public advisories (GHSA, OSV, CVS) describe the imp...
CVE-2026-44214
creationtimestamp| type| source ---|---|--- 2026-05-08 20:49:40+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-m9g3-3g99-mhpx 2026-05-26 22:30:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mms26w6awm2h...