
Source: CVE (added 2026/02/06 6:50 p.m., 13 views)

CVE-2026-25651

CVE-2026-25651 affects the Node.js middleware client-certificate-auth. Versions 0.2.1 and 0.3.0 contain an open redirect vulnerability caused by unvalidated Host header handling in the HTTP-to-HTTPS redirect (redirecting to https://), enabling attackers to redirect users to arbitrary domains. Pub...

CVSS 6.1 | AI score 5.6 | EPSS 0.00168
Exploits: 1 | References: 2 | Affected Software: 1
Source: Cvelist (added 2026/02/06 6:50 p.m., 29 views)

CVE-2026-25651 client-certificate-auth has an Open Redirect via Host Header Injection in HTTP-to-HTTPS redirect

client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using the unvalidated Hos...

CVSS 6.1 | EPSS 0.00168
Exploits: 1 | References: 2
Source: Vulnrichment (added 2026/02/06 6:50 p.m., 5 views)

CVE-2026-25651 client-certificate-auth has an Open Redirect via Host Header Injection in HTTP-to-HTTPS redirect

client-certificate-auth is middleware for Node.js implementing client SSL certificate authentication/authorization. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain an open redirect vulnerability. The middleware unconditionally redirects HTTP requests to HTTPS using the unvalidated Hos...

CVSS 6.1 | AI score 5.8 | EPSS 0.00168
Exploits: 1 | References: 2
Source: Veracode (added 2026/02/06 11:06 a.m., 5 views)

Information Disclosure

Hono is vulnerable to an Information Disclosure. The vulnerability is due to improper validation of user-controlled paths in the Serve Static Middleware for the Cloudflare Workers adapter, which allows an attacker to exploit path handling and read arbitrary keys from the Workers environment...

CVSS 6.3 | AI score 5.7 | EPSS 0.00419
Exploits: 0 | References: 4 | Affected Software: 1
Source: CNNVD (added 2026/02/06 12:00 a.m., 6 views)

client-certificate-auth input validation error vulnerability

client-certificate-auth is a middleware developed by Tony Gies for implementing client SSL certificate authentication. Versions 0.2.1 and 0.3.0 of client-certificate-auth contain vulnerabilities related to input validation errors. These vulnerabilities stem from the middleware automatically...

CVSS 6.1 | AI score 5.8 | EPSS 0.00168
Exploits: 1 | References: 2
Source: Github Security Blog (added 2026/02/05 8:32 p.m., 9 views)

OpenCloud Reva has a Public Link Exploit

Impact: A security issue was discovered in Reva based products that enables a malicious user to bypass the scope validation of a public link, allowing it to access resources outside the scope of a public link. Details: Public link shares in OpenCloud are bound to a specific scope usually a file or...

CVSS 8.2 | AI score 5.5 | EPSS 0.00273
Exploits: 0 | References: 4 | Affected Software: 1
Source: RedhatCVE (added 2026/02/05 1:22 a.m., 5 views)

CVE-2026-25150

Qwik is a performance-focused JavaScript framework. Prior to version 1.19.0, a prototype pollution vulnerability exists in the formToObj function within @builder.io/qwik-city middleware. The function processes form field names with dot notation (e.g., user.name) to create nested objects, but fails ...

CVSS 10 | AI score 5.3 | EPSS 0.00624
Exploits: 0 | References: 1
Source: Packet Storm (added 2026/02/05 12:00 a.m., 133 views)

Next.js 14.2.25 Middleware Subrequest Bypass

A vulnerability exists in the Next.js middleware handling mechanism, where requests containing the "x-middleware-subrequest" header are processed differently compared to normal requests, potentially allowing attackers to bypass authentication...

CVSS 9.1 | AI score 7.3 | EPSS 0.99621
Exploits: 58
Source: Nuclei (added 2026/02/04 7:00 a.m., 25 views)

Hoverfly <= 1.11.3 - Remote Code Execution

Hoverfly versions 1.11.3 and below are vulnerable to remote code execution (RCE) via command injection in the middleware API endpoint /api/v2/hoverfly/middleware. Insufficient validation of the 'binary' and 'script' parameters allows an unauthenticated attacker to execute arbitrary commands on the...

CVSS 9.8 | AI score 9 | EPSS 0.10543
Exploits: 7 | References: 2
Source: Tenable Nessus (added 2026/02/04 12:00 a.m., 5 views)

Ubuntu 24.04 LTS / 25.10 : Keystone Middleware vulnerability (USN-8008-1)

The remote Ubuntu 24.04 LTS / 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-8008-1 advisory. Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could...

CVSS 9.9 | AI score 5.7 | EPSS 0.00453
Exploits: 0 | References: 2
Source: NVD (added 2026/02/03 10:16 p.m., 4 views)

CVE-2026-25149

Qwik is a performance-focused JavaScript framework. Prior to version 1.19.0, an Open Redirect vulnerability in Qwik City's default request handler middleware allows a remote attacker to redirect users to arbitrary protocol-relative URLs. Successful exploitation permits attackers to craft convinci...

CVSS 6.9 | EPSS 0.00237
Exploits: 0 | References: 2
Source: Cvelist (added 2026/02/03 9:12 p.m., 25 views)

CVE-2026-25150 Prototype Pollution via FormData Processing in Qwik City

Qwik is a performance-focused JavaScript framework. Prior to version 1.19.0, a prototype pollution vulnerability exists in the formToObj function within @builder.io/qwik-city middleware. The function processes form field names with dot notation (e.g., user.name) to create nested objects, but fails ...

CVSS 9.3 | EPSS 0.00624
Exploits: 0 | References: 2
Source: Vulnrichment (added 2026/02/03 9:12 p.m., 2 views)

CVE-2026-25150 Prototype Pollution via FormData Processing in Qwik City

Qwik is a performance-focused JavaScript framework. Prior to version 1.19.0, a prototype pollution vulnerability exists in the formToObj function within @builder.io/qwik-city middleware. The function processes form field names with dot notation (e.g., user.name) to create nested objects, but fails ...

CVSS 9.3 | AI score 5.3 | EPSS 0.00624
Exploits: 0 | References: 2
Source: OSV (added 2026/02/03 9:11 p.m., 2 views)

CVE-2026-25149 Qwik City Open Redirect via fixTrailingSlash

Qwik is a performance-focused JavaScript framework. Prior to version 1.19.0, an Open Redirect vulnerability in Qwik City's default request handler middleware allows a remote attacker to redirect users to arbitrary protocol-relative URLs. Successful exploitation permits attackers to craft convinci...

CVSS 6.9 | AI score 5.6 | EPSS 0.00237
Exploits: 0 | References: 4
Source: Github Security Blog (added 2026/02/03 8:59 p.m., 8 views)

Qwik City CSRF protection middleware does not work properly for Content-Type headers with parameters (e.g. multipart/form-data)

Summary: A typo in the regular expression within isContentType causes incorrect parsing of certain Content-Type headers. Impact: An attacker can bypass Qwik City's Origin-based CSRF protections and perform forged form submissions, potentially causing unauthorized state changes...

CVSS 7.1 | AI score 5.4 | EPSS 0.00129
Exploits: 0 | References: 4 | Affected Software: 1
Source: Ubuntu (added 2026/02/03 1:06 p.m., 6 views)

USN-8008-1: Keystone Middleware vulnerability

Grzegorz Grasza discovered that the Keystone Middleware incorrectly sanitized authentication headers before processing OAuth 2.0 tokens. An attacker could possibly use this issue to escalate privileges or impersonate other users...

CVSS 9.9 | AI score 5.4 | EPSS 0.00453
Exploits: 0
Source: CNVD (added 2026/02/03 12:00 a.m., 2 views)

Information Leakage Vulnerability in E3 Omni-Channel Central Platform of Shanghai Esaote Software Co., Ltd.

E3 Omni-Channel Middleware is an omni-channel new retail solution product for medium and large enterprises from Shanghai Esaote Software Co., Ltd. E3 Omni-Channel Middleware suffers from an information leakage vulnerability that can be exploited by attackers to obtain sensitive information...

AI score 5.8
Exploits: 0
Source: ATTACKERKB (added 2026/01/30 10:07 p.m., 5 views)

CVE-2020-37056

Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and...

CVSS 9.8 | AI score 5.9 | EPSS 0.00537
Exploits: 0 | References: 3 | Affected Software: 1
Source: CNNVD (added 2026/01/30 12:00 a.m., 4 views)

http-protection security vulnerabilities

http-protection is a network attack protection library developed by Rogério Zambon. Version 0.2.0 of http-protection contains security vulnerabilities; these vulnerabilities stem from IP spoofing, which may allow attackers to bypass the protected middleware and gain unauthorized access...

CVSS 9.8 | AI score 5.8 | EPSS 0.00537
Exploits: 0 | References: 3
Source: Packet Storm (added 2026/01/30 12:00 a.m., 163 views)

Next.js 13.5.9 Middleware Bypass Scanner

This is an authorization bypass scanner for Next.js versions 13.5.9 and below. A vulnerability exists in the Next.js middleware handling mechanism, where requests containing the "x-middleware-subrequest" header are processed differently compared to normal requests...

CVSS 9.1 | AI score 7.3 | EPSS 0.99621
Exploits: 58