CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 4 days ago•8 views

CVE-2026-50221

In OpenStack Swift before 2.37.2, proxy-server does not strip internal update headers X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device from client requests before forwarding them to object-servers. An authenticated user with write access can inject these headers to...

5.3CVSS0.00199EPSS

OSV•added 4 days ago•3 views

UBUNTU-CVE-2026-50221

Cvelist•added 4 days ago•34 views

CVE-2026-50221

5.3CVSS0.00199EPSS

EUVD•added 4 days ago•6 views

EUVD-2026-38537

CVE•added 4 days ago•9 views

CVE-2026-50221

CVE-2026-50221 affects OpenStack Swift prior to 2.37.2, where proxy-server fails to strip internal update headers (X-Container-Host, X-Container-Device, X-Delete-At-Host, X-Delete-At-Device) from client requests before forwarding to object-servers. An authenticated user with write access can inje...

Debian CVE•added 4 days ago•6 views

CVE-2026-50221

Positive Technologies•added 4 days ago•7 views

Exploits0

PT-2026-51572

Name of the Vulnerable Software and Affected Versions OpenStack Swift versions prior to 2.37.2 Description The proxy-server fails to strip internal update headers from client requests before forwarding them to object-servers. An authenticated user with write access can inject the headers...

RedhatCVE•added 2026/06/06 6:42 a.m.•13 views

Exploits0References6

CVE-2026-49017

A flaw was found in OpenStack Swift. An authenticated attacker can exploit this vulnerability by sending a specially crafted, truncated aws-chunked PUT request body to the s3api middleware. This action causes an infinite loop within the StreamingInput class, leading to the affected proxy-server...

7.1CVSS5.3AI score0.00322EPSS

Exploits0References6

Tenable Nessus•added 2026/05/28 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2026-49017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInp...

7.1CVSS5.8AI score0.00322EPSS

Exploits0References2

NVD•added 2026/05/27 2:16 a.m.•10 views

CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

7.1CVSS0.00322EPSS

Exploits0References5

OSV•added 2026/05/27 2:16 a.m.•8 views

DEBIAN-CVE-2026-49017

OSV•added 2026/05/27 2:16 a.m.•5 views

Exploits0References1

UBUNTU-CVE-2026-49017

UbuntuCve•added 2026/05/27 2:16 a.m.•12 views

Exploits0References5

CVE-2026-49017

ATTACKERKB•added 2026/05/27 1:57 a.m.•10 views

CVE-2026-49017

Exploits0References4Affected Software1

Cvelist•added 2026/05/27 1:57 a.m.•31 views

CVE-2026-49017

7.1CVSS0.00322EPSS

CVE•added 2026/05/27 1:57 a.m.•17 views

CVE-2026-49017

OpenStack Swift prior to 2.36.2 and 2.37.2 is affected. The s3api middleware enters an infinite loop while processing truncated aws-chunked PUT bodies, due to the StreamingInput class repeatedly appending an empty buffer and re-reading. This causes the proxy-server worker to become permanently un...

EUVD•added 2026/05/27 1:57 a.m.•14 views

Exploits0References5

EUVD-2026-32040