CVE-2026-10836

Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially crafted requests. A successful exploit could result in the generation of manipulated links or responses, potentially leading to limited information disclosure or compromising...

ai.pipestream:account-service (>=0.0.2 <=0.0.8), ai.pipestream:connector-admin-service (>=0.1.1 <=0.1.8) +438 more potentially affected by CVE-2026-35554 via org.apache.kafka:kafka-clients (>=4.0.0 <=4.0.1)

org.apache.kafka:kafka-clients MAVEN version =4.0.0, =0.0.2, =0.1.1, =0.2.7, =0.2.7, =0.2.7, =0.2.7, =0.1.7, =0.0.1, =0.0.1, =0.0.6, =1.2.4, =1.2.11 and more Source cves: CVE-2026-35554 Source advisory: OSV:GHSA-5QCV-4RPC-JP93...