201 matches found
Unhead has XSS bypass in `useHeadSafe` via attribute name injection and case-sensitive protocol check
Summary useHeadSafe can be bypassed to inject arbitrary HTML attributes, including event handlers, into SSR-rendered tags. This is the composable that Nuxt docs recommend for safely handling user-generated content. Details XSS via data- attribute name injection The acceptDataAttrs function safe.t...
PT-2026-25021
Unhead is a document head and template manager. Prior to 2.1.11, The link.href check in makeTagSafe safe.ts uses String.includes, which is case-sensitive. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as data:text/css,... to the browser, but 'DATA:...'.includes'data...
unhead 跨站脚本漏洞
unhead is a document header and template manager developed by UnJS. Versions of unhead prior to 2.1.11 contained a cross-site scripting vulnerability. This vulnerability stemmed from the link.href check being case-sensitive, which could allow attackers to inject arbitrary CSS for UI masking or da...
Traefik 安全漏洞
Traefik is an open-source reverse proxy and load balancing tool developed by Traefik. Versions 2.11.9 to 2.11.37, as well as 3.1.3 to 3.6.8, have security vulnerabilities. These vulnerabilities stem from improper handling of case sensitivity when processing Connection headers. This can allow...
EUVD-2026-8792
MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity...
MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity
The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc. Additionally, Go's standard...
GHSA-WVJ2-96WP-FQ3F MCP Go SDK Vulnerable to Improper Handling of Case Sensitivity
The Go MCP SDK used Go's standard encoding/json.Unmarshal for JSON-RPC and MCP protocol message parsing. Go's standard library performs case-insensitive matching of JSON keys to struct field tags — a field tagged json:"method" would also match "Method", "METHOD", etc. Additionally, Go's standard...
GO-2026-4541 Caddy MatchHost becomes case-sensitive in github.com/caddyserver/caddy/v2
Caddy MatchHost becomes case-sensitive in github.com/caddyserver/caddy/v2...
CVE-2026-27896
The CVE-2026-27896 concerns the Go MCP SDK, affected in versions prior to 1.3.1, where Go’s json.Unmarshal (case-insensitive field matching) could accept non-standard JSON-RPC/MCP field casing. This violates JSON-RPC 2.0’s exact field names and could allow messages to bypass intermediary inspecti...
Caddy: MatchPath %xx (escaped-path) branch skips case normalization, enabling path-based route/auth bypass
Summary Caddy's HTTP path request matcher is intended to be case-insensitive, but when the match pattern contains percent-escape sequences %xx it compares against the request's escaped path without lowercasing. An attacker can bypass path-based routing and any access controls attached to that rou...
CVE-2026-27588
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
CVE-2026-27588
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
Caddy 安全漏洞
Caddy is an open-source, cross-platform HTTP/Web server developed by the Caddy company. Versions of Caddy prior to 2.11.1 contained security vulnerabilities. These vulnerabilities stemmed from the HTTP host request matcher becoming case-sensitive when configuring large host lists, which could all...
CVE-2026-25889
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to 2.57.1, a case-sensitivity flaw in the password validation logic allows any authenticated user to change their password or an admin to change...
File Browser 安全漏洞
File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser prior to 2.57.1 contained security vulnerabilities. These vulnerabilities stemmed from...
PT-2026-7167
Name of the Vulnerable Software and Affected Versions File Browser versions prior to 2.57.1 Description File Browser offers a file management interface for tasks like uploading, deleting, previewing, renaming, and editing files. A flaw in the password validation process, specifically a...
CVE-2026-22864
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...
CVE-2026-23527
A flaw was found in h3, a minimal HTTP Hypertext Transfer Protocol framework. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request where the Transfer-Encoding header uses a case variation of "chunked". The readRawBody function performs a strict case-sensiti...
CVE-2026-22864
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...
CVE-2026-22864
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...