Lucene search
+L

4 matches found

Circl
Circl
added 2026/06/02 4:59 p.m.13 views

CVE-2026-48861

creationtimestamp| type| source ---|---|--- 2026-06-02 16:59:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnd2xy373n2o 2026-07-10 00:35:21+00:00| published-proof-of-concept| https://github.com/elixir-mint/mint/security/advisories/GHSA-2pg6-44cx-c49v 2026-07-10 04:12:07+00:00|...

2.1CVSS5.9AI score0.00166EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/02 2:15 p.m.10 views

CVE-2026-48861 CRLF injection in HTTP/1 request line via unvalidated method in Mint

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS6AI score0.00166EPSS
Exploits0References4
CVE
CVE
added 2026/06/02 2:15 p.m.24 views

CVE-2026-48861

The CVE describes a CRLF injection risk in elixir-mint Mint through the HTTP/1 request line construction. Specifically, encode_request_line/2 directly embeds caller-supplied method and target into the line, allowing an attacker to terminate the line and inject headers, enabling HTTP request split...

2.1CVSS6AI score0.00166EPSS
Exploits0References4
OSV
OSV
added 2026/06/02 2:15 p.m.4 views

CVE-2026-48861 CRLF injection in HTTP/1 request line via unvalidated method in Mint

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encoderequestline/2 function splices the caller-supplied method and target arguments directly into the HTTP/1...

2.1CVSS6.1AI score0.00166EPSS
Exploits0References10
Rows per page
Query Builder