GHSA-M6QW-4CW2-HM4M aiohttp: CRLF injection in multipart headers

Summary Attacker-controlled input included into multipart/payload headers can be used to modify a request to inject additional headers or similar. Impact In the unlikely situation that an application is passing user-controlled strings into MultipartWriter.appendheaders=... or Payload.headers, the...

GHSA-HMW2-7CC7-3QXX form-data: CRLF injection in form-data via unescaped multipart field names and filenames

Summary form-data builds multipart/form-data request bodies. Through v4.0.5, the field name passed to FormDataappend and the filename option are concatenated directly into the Content-Disposition header with no escaping of CR \r, LF \n, or ". An application that uses untrusted input as a field na...

DEBIAN-CVE-2026-12143

form-data is a library for creating readable multipart/form-data streams. In versions through 4.0.5, the field argument to FormDataappend and the filename option are concatenated verbatim into the Content-Disposition header without escaping carriage return CR, line feed LF, or double-quote "...

CVE-2026-47075

CVE-2026-47075 describes a CRLF injection in Hackney’s URL query handling. Hackney does not percent-encode CR/LF characters in the query string before forming the HTTP/1.1 request target, allowing an attacker who controls the URL to inject raw CRLF sequences and potentially perform HTTP header in...

PT-2026-43069

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackney ws.erl copies the host, path, headers ExtraHeaders, and protocols options from the caller-supplied opts map into the intern...

CVE-2026-42257

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...

CVE-2026-41417 Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri()

Netty allows request-line validation to be bypassed when a DefaultHttpRequest or DefaultFullHttpRequest is created first and its URI is later changed via setUri. The constructors reject CRLF and whitespace characters that would break the start-line, but setUri does not apply the same validation...

Security Bulletin:Netty CRLF Injection in HttpRequestEncoder: Request Smuggling Vulnerability Fixed in 4.1.129.Final and 4.2.8.Final

Summary Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.129.Final and 4.2.8.Final, the io.netty.handler.codec.http.HttpRequestEncoder has a CRLF injection with the request URI when constructing a request. This leads to request smuggling when...

CRLF Injection

Axios is vulnerable to CRLF Injection. The vulnerability is due to improper sanitization of the Content-Type value in multipart form-data construction, which allows an attacker to inject arbitrary headers into the request body via crafted input...

CVE-2026-6351

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files...

CVE-2026-6351 Openfind｜MailGates/MailAudit - CRLF Injection

MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files...

CVE-2026-39394 CI4MS has an .env CRLF Injection via Unvalidated `host` Parameter in Install Controller

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.4.0, the Install::index controller reads the host POST parameter without any validation and passes it directly into updateEnvSettings, which...

CVE-2026-34514 AIOHTTP: CRLF injection in multipart part content type header construction

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the contenttype parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4...

CVE-2026-20113

A vulnerability in the web-based Cisco IOx application hosting environment management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a carriage return line feed CRLF injection attack against a user. This vulnerability is due to insufficient validatio...

PT-2026-25066

Name of the Vulnerable Software and Affected Versions undici versions prior to 7.24.0 and prior to 6.24.0 Description The issue arises when an application passes user-controlled input to the upgrade option of the client.request function. This allows an attacker to inject CRLF Carriage Return Line...

MimeKit has CRLF Injection in Quoted Local-Part that Enables SMTP Command Injection and Email Forgery

Summary A CRLF Injection vulnerability in MimeKit 4.15.0 allows an attacker to embed \r\n into the SMTP envelope address local-part when the local-part is a quoted-string. This is non-compliant with RFC 5321 and can result in SMTP command injection e.g., injecting additional RCPT TO / DATA / RSET...

📄 Textpattern 4.9.0 Cross Site Scripting

Textpattern version 4.9.0 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : Textpattern 4.9.0 Second-Order XSS via Atom Feed Injection | | Autho...

openSUSE 16 Security Update : libsoup (openSUSE-SU-2026:20186-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20186-1 advisory. - CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header bsc1257440. - CVE-2026-1761:...

ALSA-2026:2470 Moderate: php:7.4 security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fixes: php: Leak partial content of the heap through heap buffer over-read in mysqlnd CVE-2024-8929 php: Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 php: Configuring ...

CVE-2026-24489

Gakido is a Python HTTP client vulnerable to HTTP header injection (CRLF/NULL) in versions prior to 0.1.1. The vulnerability arises from user-controlled header names/values not being sanitized, allowing an attacker to inject arbitrary headers into requests. The fix added in 0.1.1 provides a dedic...