
30 matches found

Positive Technologies
added 2026/05/01 12:0 a.m. | 1 view

PT-2026-36293

Name of the Vulnerable Software and Affected Versions Totolink NR1800X version 9.1.0u.6279 B20210910 Description A stack-based buffer overflow exists in the lighttpd component. This issue occurs when the find host ip function improperly handles the Host argument, allowing a remote attacker to...

CVSS 10 | AI score 7.7 | EPSS 0.00039
Exploits: 0 | References: 17

SUSE CVE
added 2026/04/14 8:43 a.m. | 3 views

SUSE CVE-2026-1502

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 4.9 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 10

Tenable Nessus
added 2026/04/03 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-34525

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This iss...

CVSS 6.3 | AI score 5.4 | EPSS 0.00162
Exploits: 0 | References: 3

OSV
added 2026/04/01 9:17 p.m. | 1 view

UBUNTU-CVE-2026-34525

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4...

CVSS 6.3 | AI score 5.7 | EPSS 0.00162
Exploits: 0 | References: 6

CVE
added 2026/04/01 8:28 p.m. | 7 views

CVE-2026-34525

AIOHTTP (async HTTP client/server for asyncio and Python) before version 3.13.4 allowed multiple Host headers due to its header handling. This issue has been fixed in version 3.13.4. Affected component: Host header processing in aiohttp prior to 3.13.4. Remediation: upgrade to 3.13.4 or later. Ex...

CVSS 6.3 | AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 4 | Affected Software: 1

EUVD
added 2026/02/26 12:0 a.m. | 3 views

EUVD-2026-8782

Sub2API is an AI API gateway platform designed to distribute and manage API quotas from AI product subscriptions. A vulnerability in versions prior to 0.1.85 is a Password Reset Poisoning Host Header / Forwarded Header trust issue, which allows attackers to manipulate the password reset link...

CVSS 9.3 | AI score 5.5 | EPSS 0.00051
Exploits: 0 | References: 1

ATTACKERKB
added 2026/02/26 12:0 a.m. | 1 view

CVE-2026-27812

Sub2API is an AI API gateway platform designed to distribute and manage API quotas from AI product subscriptions. A vulnerability in versions prior to 0.1.85 is a Password Reset Poisoning Host Header / Forwarded Header trust issue, which allows attackers to manipulate the password reset link...

CVSS 9.3 | AI score 5.5 | EPSS 0.00051
Exploits: 0 | References: 2 | Affected Software: 1

Rosalinux
added 2026/02/16 12:24 p.m. | 6 views

Advisory ROSA-SA-2026-3191

Software: libsoup 2.62.3 OS: ROSA Virtualization 2.1 unaffected versions = libsoup-2.62.3-11.rv3 affected versions libsoup-2.62.3-11.rv3 CVE-ID: CVE-2025-4945 BDU-ID: 2025-10260 CVE-Crit: LOW CVE-DESC.: A vulnerability in the libsoup library of the GNOME GUI is related to integer overflow during...

CVSS 8.2 | AI score 6.8 | EPSS 0.00296
Exploits: 0

Tenable Nessus
added 2026/02/13 12:0 a.m. | 11 views

Alibaba Cloud Linux 3 : 0037: spice-client-win (ALINUX3-SA-2026:0037)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0037 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-14523: A flaw in libsoup's HTTP...

CVSS 8.6 | AI score 7 | EPSS 0.01262
Exploits: 0 | References: 4

OSV
added 2026/02/06 3:57 p.m. | 3 views

OESA-2026-1326 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a...

CVSS 8.6 | AI score 6.7 | EPSS 0.00055
Exploits: 0 | References: 3

Rockylinux
added 2026/01/30 10:7 p.m. | 3 views

spice-client-win security update

An update is available for spice-client-win. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Spice client MSI installers for Windows clients Security Fixes:...

CVSS 8.2 | AI score 6 | EPSS 0.00024
Exploits: 0

RedHat Linux
added 2026/01/29 11:28 a.m. | 5 views

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this...

CVSS 8.2 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/29 12:0 a.m. | 3 views

RHEL 8 : spice-client-win (RHSA-2026:1572)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1572 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...

CVSS 8.2 | AI score 6 | EPSS 0.00024
Exploits: 0 | References: 4

Tenable Nessus
added 2026/01/29 12:0 a.m. | 4 views

RHEL 8 : spice-client-win (RHSA-2026:1571)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1571 advisory. Spice client MSI installers for Windows clients Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy Firs...

CVSS 8.2 | AI score 6 | EPSS 0.00024
Exploits: 0 | References: 4

RedHat Linux
added 2026/01/28 7:28 p.m. | 3 views

Important: Red Hat Security Advisory: spice-client-win security update

An update for spice-client-win is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...

CVSS 8.2 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 3

RedHat Linux
added 2026/01/21 5:13 a.m. | 4 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerabili...

CVSS 8.2 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/21 12:0 a.m. | 1 view

RHEL 8 : libsoup (RHSA-2026:0911)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0911 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: libsoup: Duplicate Host Header Handling Causes...

CVSS 8.2 | AI score 5.6 | EPSS 0.00024
Exploits: 0 | References: 4

RedHat Linux
added 2026/01/20 3:37 p.m. | 3 views

Important: Red Hat Security Advisory: libsoup security update

An update for libsoup is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVSS 8.2 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 2

Tenable Nessus
added 2026/01/20 12:0 a.m. | 2 views

RHEL 10 : libsoup3 (RHSA-2026:0836)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:0836 advisory. Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the...

CVSS 8.2 | AI score 5.6 | EPSS 0.00024
Exploits: 0 | References: 4

OSV
added 2026/01/15 9:16 a.m. | 3 views

RLSA-2026:0423 Important: libsoup3 security update

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

CVSS 8.2 | AI score 6.8 | EPSS 0.00024
Exploits: 0 | References: 2