CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

104 matches found

Starlette - Improper Validation of Unsafe Equivalence in Input

A flaw was found in Starlette, a lightweight ASGI Asynchronous Server Gateway Interface framework. A remote attacker could exploit this vulnerability by sending a specially crafted HTTP Host request header. This malformed header could cause the request.url to be incorrectly reconstructed, leading...

6.5CVSS5.3AI score0.00906EPSS

Exploits2References2

Github Security Blog•added 2 days ago•4 views

Starlette: Unvalidated request path concatenated into authority poisons request.url.hostname

Summary In affected versions, the HTTP request path is not validated before being used to reconstruct request.url. Because request.url is rebuilt by concatenating scheme://hostpath and re-parsing the result, a path that does not begin with / for example @google.com moves the authority boundary...

5.5AI score0.00029EPSS

Exploits0References2Affected Software1

OSV•added 2 days ago•2 views

GHSA-JP82-JPQV-5VV3 Starlette: Unvalidated request path concatenated into authority poisons request.url.hostname

3.7CVSS5.5AI score0.00029EPSS

Exploits0References2

Positive Technologies•added 2 days ago•4 views

PT-2026-49596

3.7CVSS5.5AI score0.00029EPSS

Exploits0References3

RedhatCVE•added 2026/06/05 7:16 p.m.•7 views

CVE-2026-42517

This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for protecting sensitive data. An authenticated attacker could exploit this vulnerability by decoding and manipulating Base64-encoded parameters in the request URL to gain unauthorized access to sensitive...

7.1CVSS5.4AI score0.00226EPSS

Exploits0References1

OSV•added 2026/06/04 1:15 p.m.•4 views

GHSA-86QP-5C8J-P5MR Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks

Summary In affected versions, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header could make request.url.path differ from the pa...

6.5CVSS5.9AI score0.00906EPSS

Exploits2References9

RedhatCVE•added 2026/05/27 10:57 p.m.•9 views

CVE-2026-48710

6.5CVSS5.8AI score0.00906EPSS

Exploits2References10

Snyk•added 2026/05/27 12:47 a.m.•11 views

HTTP Request Smuggling

Overview starlette is a The little ASGI library that shines. Affected versions of this package are vulnerable to HTTP Request Smuggling via the request.url reconstruction process. An attacker can bypass path-based security checks by supplying a malformed Host header that causes request.url.path t...

6.9CVSS5.5AI score0.00906EPSS

Exploits2References2

NVD•added 2026/05/26 10:16 p.m.•12 views

CVE-2026-48710

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS0.00906EPSS

Exploits2References10

OSV•added 2026/05/26 10:16 p.m.•6 views

UBUNTU-CVE-2026-48710

6.5CVSS5.8AI score0.00906EPSS

Exploits2References6

ATTACKERKB•added 2026/05/26 9:54 p.m.•9 views

CVE-2026-48710

6.5CVSS5.8AI score0.00906EPSS

Exploits2References8Affected Software1

CVE•added 2026/05/26 9:54 p.m.•153 views

CVE-2026-48710

Starlette (Python ASGI framework) contains a Host header validation issue in versions before 1.0.1. The HTTP Host header was not validated when reconstructing request.url, while routing relies on the raw path and request.url, allowing a malformed Host header to make request.url.path differ from t...

6.5CVSS5.8AI score0.00906EPSS

Exploits2References10Affected Software1

Cvelist•added 2026/05/26 9:54 p.m.•31 views

CVE-2026-48710 Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks

6.5CVSS0.00906EPSS

Exploits2References7

Debian CVE•added 2026/05/26 9:54 p.m.•11 views

CVE-2026-48710

6.5CVSS5.8AI score0.00906EPSS

Exploits2

AlpineLinux•added 2026/05/26 9:54 p.m.•13 views

CVE-2026-48710

6.5CVSS5.8AI score0.00906EPSS

Exploits2References10

UbuntuCve•added 2026/05/26 12:0 a.m.•11 views

CVE-2026-48710

6.5CVSS5.8AI score0.00906EPSS

Exploits2References5

EUVD•added 2026/04/29 8:26 a.m.•3 views

EUVD-2026-26201

This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system...

7.1CVSS5.3AI score0.00226EPSS

Exploits0References1

EUVD•added 2026/04/28 6:15 a.m.•3 views

EUVD-2026-26001

A weakness has been identified in BrowserOperator browser-operator-core up to 0.6.0. Affected is the function startsWith of the file scripts/componentserver/server.js. Executing a manipulation of the argument request.url can lead to path traversal. The attack can be launched remotely. The exploit...

7.5CVSS5.2AI score0.00428EPSS

Exploits0References5

SUSE CVE•added 2026/04/02 11:26 p.m.•4 views

SUSE CVE-2026-34475

Varnish Cache before 8.0.1 and Varnish Enterprise before 6.0.16r12, in certain unchecked req.url scenarios, mishandle URLs with a path of / for HTTP/1.1, potentially leading to cache poisoning or authentication bypass...

5.4CVSS5.8AI score0.00202EPSS

Exploits1References3

RedhatCVE•added 2026/04/01 5:3 p.m.•2 views

CVE-2026-4267

The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$SERVER'REQUESTURI'’ parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. This makes it possible...

7.2CVSS6AI score0.00302EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by