201 matches found

Github Security Blog
added 2026/03/12 2:19 p.m., 18 views

Unhead has XSS bypass in `useHeadSafe` via attribute name injection and case-sensitive protocol check

Summary useHeadSafe can be bypassed to inject arbitrary HTML attributes, including event handlers, into SSR-rendered tags. This is the composable that Nuxt docs recommend for safely handling user-generated content. Details XSS via data- attribute name injection The acceptDataAttrs function safe.t...

CVSS 6.1 | AI score 5.9 | EPSS 0.00258
Exploits: 1 | References: 5 | Affected Software: 1
Positive Technologies
added 2026/03/12 12:00 a.m., 10 views

PT-2026-25021

Unhead is a document head and template manager. Prior to 2.1.11, The link.href check in makeTagSafe safe.ts uses String.includes, which is case-sensitive. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as data:text/css,... to the browser, but 'DATA:...'.includes'data...

AI score 5.9 | EPSS 0.00237
Exploits: 1 | References: 4
CNNVD
added 2026/03/12 12:00 a.m., 7 views

unhead cross-site scripting vulnerability

unhead is a document header and template manager developed by UnJS. Versions of unhead prior to 2.1.11 contained a cross-site scripting vulnerability. This vulnerability stemmed from the link.href check being case-sensitive, which could allow attackers to inject arbitrary CSS for UI masking or da...

CVSS 6.1 | AI score 5.8 | EPSS 0.00237
Exploits: 1 | References: 1
CNNVD
added 2026/03/05 12:00 a.m., 7 views

Traefik security vulnerability

Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions 2.11.9 to 2.11.37, as well as 3.1.3 to 3.6.8, have security vulnerabilities. These vulnerabilities stem from improper handling of case sensitivity when processing Connection headers. This can allow...

CVSS 7.5 | AI score 7.3 | EPSS 0.00467
Exploits: 0 | References: 4
EUVD
added 2026/02/26 10:20 p.m., 7 views

EUVD-2026-8792

MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity...

CVSS 7 | AI score 5.2 | EPSS 0.00255
Exploits: 0 | References: 3
Github Security Blog
added 2026/02/26 10:20 p.m., 10 views

MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity

The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc. Additionally, Go's standard...

CVSS 7.5 | AI score 5.4 | EPSS 0.00255
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/02/26 10:20 p.m., 4 views

GHSA-WVJ2-96WP-FQ3F MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity

The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc. Additionally, Go's standard...

CVSS 7 | AI score 5.6 | EPSS 0.00255
Exploits: 0 | References: 4
OSV
added 2026/02/26 4:27 p.m., 4 views

GO-2026-4541 Caddy MatchHost becomes case-sensitive in github.com/caddyserver/caddy/v2

Caddy MatchHost becomes case-sensitive in github.com/caddyserver/caddy/v2...

CVSS 9.1 | AI score 5.4 | EPSS 0.0037
Exploits: 1 | References: 3
CVE
added 2026/02/26 12:47 a.m., 22 views

CVE-2026-27896

CVE-2026-27896 concerns the Go MCP SDK, affected in versions prior to 1.3.1, where Go’s json.Unmarshal (case-insensitive field matching) could accept non-standard JSON-RPC/MCP field casing. This violates JSON-RPC 2.0’s exact field names and could allow messages to bypass intermediary inspecti...

CVSS 7.5 | AI score 5.3 | EPSS 0.00255
Exploits: 0 | References: 5 | Affected Software: 1
Github Security Blog
added 2026/02/24 8:31 p.m., 7 views

Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass

Summary Caddy's HTTP path request matcher is intended to be case-insensitive, but when the match pattern contains percent-escape sequences %xx it compares against the request's escaped path without lowercasing. An attacker can bypass path-based routing and any access controls attached to that rou...

CVSS 9.1 | AI score 5.6 | EPSS 0.0037
Exploits: 1 | References: 6 | Affected Software: 1
NVD
added 2026/02/24 5:29 p.m., 10 views

CVE-2026-27588

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...

CVSS 9.1 | EPSS 0.0037
Exploits: 1 | References: 2
AlpineLinux
added 2026/02/24 4:28 p.m., 5 views

CVE-2026-27588

Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...

CVSS 9.1 | AI score 5.6 | EPSS 0.0037
Exploits: 1
CNNVD
added 2026/02/24 12:00 a.m., 10 views

Caddy security vulnerability

Caddy is an open-source, cross-platform HTTP/Web server developed by the Caddy company. Versions of Caddy prior to 2.11.1 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP host request matcher becoming case-sensitive when configuring large host lists, which could all...

CVSS 9.1 | AI score 5.8 | EPSS 0.0037
Exploits: 1 | References: 2
ATTACKERKB
added 2026/02/09 9:18 p.m., 5 views

CVE-2026-25889

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, a case-sensitivity flaw in the password validation logic allows any authenticated user to change their password or an admin to change...

CVSS 5.4 | AI score 5.5 | EPSS 0.00325
Exploits: 1 | References: 4 | Affected Software: 1
CNNVD
added 2026/02/09 12:00 a.m., 8 views

File Browser security vulnerability

File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser prior to 2.57.1 contained security vulnerabilities. These vulnerabilities stemmed from...

CVSS 5.4 | AI score 5.8 | EPSS 0.00325
Exploits: 1 | References: 3
Positive Technologies
added 2026/02/09 12:00 a.m., 10 views

PT-2026-7167

Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.57.1 Description File Browser offers a file management interface for tasks like uploading, deleting, previewing, renaming, and editing files. A flaw in the password validation process, specifically a...

CVSS 9.9 | AI score 5 | EPSS 0.27661
Exploits: 45 | References: 122
RedhatCVE
added 2026/01/16 11:31 p.m., 3 views

CVE-2026-22864

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...

CVSS 9.8 | AI score 6.8 | EPSS 0.00619
Exploits: 1 | References: 1
RedhatCVE
added 2026/01/16 9:05 a.m., 8 views

CVE-2026-23527

A flaw was found in h3, a minimal HTTP Hypertext Transfer Protocol framework. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request where the Transfer-Encoding header uses a case variation of "chunked". The readRawBody function performs a strict case-sensiti...

CVSS 9.8 | AI score 6.2 | EPSS 0.00576
Exploits: 1 | References: 5
NVD
added 2026/01/15 11:15 p.m., 11 views

CVE-2026-22864

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...

CVSS 9.8 | EPSS 0.00619
Exploits: 1 | References: 2
ATTACKERKB
added 2026/01/15 10:58 p.m., 5 views

CVE-2026-22864

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...

CVSS 9.8 | AI score 5.5 | EPSS 0.00619
Exploits: 1 | References: 3 | Affected Software: 1