CVE-2026-44974 Parameter smuggling in @hapi/content header parser allows upload-filter bypass via duplicate parameters
@hapi/content provided HTTP Content- headers parsing. Prior to 6.0.2, Content.disposition retained the last occurrence of each duplicate parameter while Content.type retained the first occurrence of duplicate charset and boundary parameters, creating a parameter-smuggling primitive when another...