Lucene search
K

67 matches found

NVD
NVD
added 2026/06/30 5:16 p.m.8 views

CVE-2026-58172

Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows denied clients to circumvent IP-based access restrictions by sending WebSocket upgrade requests. The WebSocket upgrade pipeline branch configured via MapWhen in OcelotPipelineExtensions.cs...

9.3CVSS0.00412EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/30 3:54 p.m.5 views

EUVD-2026-40353

Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows denied clients to circumvent IP-based access restrictions by sending WebSocket upgrade requests. The WebSocket upgrade pipeline branch configured via MapWhen in OcelotPipelineExtensions.cs...

9.3CVSS5.8AI score0.00412EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/30 3:54 p.m.35 views

CVE-2026-58172 Ocelot - IP Allow/Block List Bypass for WebSocket Upgrade Requests

Ocelot through 24.1.0, fixed in commit f156fd4, contains a security control bypass vulnerability that allows denied clients to circumvent IP-based access restrictions by sending WebSocket upgrade requests. The WebSocket upgrade pipeline branch configured via MapWhen in OcelotPipelineExtensions.cs...

9.3CVSS0.00412EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-53923

Name of the Vulnerable Software and Affected Versions Ocelot versions prior to 24.1.1 Description A security control bypass exists in the handling of WebSocket upgrade requests. The issue stems from a logic flaw in the OcelotPipelineExtensions.cs file, where a MapWhen branch configured for...

9.3CVSS6AI score0.00412EPSS
Exploits0References9
EUVD
EUVD
added 2026/06/26 9:59 p.m.14 views

EUVD-2026-31690

Hackney has CRLF / header injection in WebSocket upgrade request...

7.5CVSS5.8AI score0.00506EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/06/10 8:59 a.m.11 views

CVE-2026-5067

A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the...

9.8CVSS5.9AI score0.00643EPSS
Exploits1References1
NVD
NVD
added 2026/06/09 6:16 a.m.15 views

CVE-2026-5067

A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the...

9.8CVSS0.00643EPSS
Exploits1References1
EUVD
EUVD
added 2026/06/09 6:1 a.m.11 views

EUVD-2026-35348

A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the...

9.8CVSS5.9AI score0.00643EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/06/09 6:1 a.m.16 views

CVE-2026-5067 Out-of-bounds read/write in HTTP WebSocket upgrade via non-null-terminated Sec-WebSocket-Key

A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the...

9.8CVSS5.9AI score0.00643EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.21 views

PT-2026-47689

Name of the Vulnerable Software and Affected Versions Zephyr affected versions not specified Description A remote, unauthenticated attacker can cause memory corruption in the HTTP server WebSocket upgrade path. The issue occurs because the HTTP/1 header parser uses a bounded copy to move the...

9.8CVSS6AI score0.00643EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.12 views

Zephyr 安全漏洞

Zephyr is an open-source, scalable real-time operating system RTOS developed by Zephyr. There is a security vulnerability in Zephyr, which stems from memory corruption in the WebSocket upgrade path of the HTTP server. This vulnerability could allow remote, unauthenticated attackers to trigger...

9.8CVSS5.7AI score0.00643EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/06/08 12:0 a.m.9 views

Secure WebSocket Upgrade Handler Auditor for HTTP/HTTPS Services

This Python tool implements a concurrent network auditing framework focused on testing HTTP Upgrade handling behavior, especially WebSocket upgrade negotiation. It connects directly to target servers over TCP or TLS, sends crafted upgrade requests, parses raw HTTP responses, and reports whether t...

5.5AI score
Exploits0
CVE
CVE
added 2026/06/03 1:17 p.m.23 views

CVE-2026-44546

The vulnerability (CVE-2026-44546) affects the Daphne web server prior to 4.2.2. It stems from a parser differential between Twisted and Autobahn: Twisted does not treat certain bytes (0x0b, 0x0c, 0x1c, 0x1d, 0x1e, 0x85) as header separators, while Autobahn decodes header values to str and calls ...

5.3CVSS5.8AI score0.00172EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/03 1:17 p.m.48 views

CVE-2026-44546 Header injection via WebSocket upgrade parser differential allows ASGI scope header spoofing

daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines. An...

3.7CVSS0.00172EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/03 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-44578

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in...

8.6CVSS5.9AI score0.38696EPSS
Exploits9References2
GithubExploit
GithubExploit
added 2026/06/01 5:34 a.m.143 views

Exploit for Server-Side Request Forgery in Vercel Next.Js

NEXT-SSRF SSRF — CVE-2026-44578 Scanner & Exploit ║ ║ Next...

8.6CVSS5.8AI score0.38696EPSS
Exploits9
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.19 views

CVE-2026-47072

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackneyws.erl copies the host, path, headers ExtraHeaders, and protocols options from the caller-supplied opts map into the interna...

7.5CVSS6AI score0.00506EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/25 2:0 p.m.43 views

CVE-2026-47072 CRLF injection in WebSocket upgrade request in hackney

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackneyws.erl copies the host, path, headers ExtraHeaders, and protocols options from the caller-supplied opts map into the interna...

6.9CVSS0.00506EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/25 2:0 p.m.12 views

CVE-2026-47072 CRLF injection in WebSocket upgrade request in hackney

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackneyws.erl copies the host, path, headers ExtraHeaders, and protocols options from the caller-supplied opts map into the interna...

6.9CVSS6AI score0.00506EPSS
Exploits1References4
OSV
OSV
added 2026/05/25 2:0 p.m.8 views

EEF-CVE-2026-47072 CRLF injection in WebSocket upgrade request in hackney

Summary Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackneyws.erl copies the host, path, headers ExtraHeaders, and protocols options from the caller-supplied opts map into the...

6.9CVSS6AI score0.00506EPSS
Exploits1References4
Rows per page
Query Builder