CVE-2026-48998

GuzzleHttp/psr7 (PHP) before version 2.10.2 is affected by improper Host header validation when parsing raw HTTP requests or deriving a server request URI from server variables. An attacker can supply a Host header containing URI delimiters (for example [email protected]) that can be r...

GHSA-3QMC-CJ7Q-62HV Litestar: AllowedHostsMiddleware bypasses host validation via client-controlled X-Forwarded-Host header

Summary AllowedHostsMiddleware trusts the X-Forwarded-Host header as a fallback when the Host header is absent. Since X-Forwarded-Host is a client-controllable header, an attacker can bypass the allowed hosts validation by omitting the Host header and supplying an X-Forwarded-Host header set to a...

PT-2026-48543

Summary AllowedHostsMiddleware trusts the X-Forwarded-Host header as a fallback when the Host header is absent. Since X-Forwarded-Host is a client-controllable header, an attacker can bypass the allowed hosts validation by omitting the Host header and supplying an X-Forwarded-Host header set to a...

CVE-2026-27959

Koa is middleware for Node.js using ES2017 async functions. Prior to versions 3.1.2 and 2.16.4, Koa's ctx.hostname API performs naive parsing of the HTTP Host header, extracting everything before the first colon without validating the input conforms to RFC 3986 hostname syntax. When a malformed...

CVE-2026-27959

Koa (Node.js) prior to versions 3.1.2 and 2.16.4 exposes a vulnerability in ctx.hostname: it naively parses the Host header and returns an attacker-controlled value when the header contains an invalid RFC 3986 hostname (e.g., with a @). This can affect URL generation, password reset links, email ...

CVE-2025-12969

Fluent Bit inforward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing...

CVE-2021-39206

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorrect routing or authorization policy decisions. With specially crafted requests, incorrect...

(Pwn2Own) Linux Kernel route4_change Double Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of routing...

CVE-2021-39206 Incorrect Authorization with specially crafted requests

Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorrect routing or authorization policy decisions. With specially crafted requests, incorrect...

Caleb Doxsey pomerium 安全漏洞

Caleb Doxsey pomerium is a Caleb Doxsey open source application. An identity agent that provides secure access to internal applications. A security vulnerability exists in Pomerium that stems from the fact that for specially designed requests, Pomerium may make incorrect authorization or routing...