Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded 2026/03/20 10:19 p.m.8 views

CVE-2026-33180

HAPI FHIR (Java) prior to 6.9.0 is affected: when the internal HTTP client follows redirects (HTTP 3xx), it may resend the same request headers to the host in the Location header as well as the initial URL. This exposes privacy-sensitive headers (e.g., authentication tokens) to unintended third-p...

7.5CVSS5.8AI score0.00046EPSS
Exploits0References1
GitLab Advisory Database
GitLab Advisory Databaseadded 2026/03/18 12:0 a.m.5 views

HAPI FHIR HTTP authentication leak in redirects

When setting headers in HTTP requests, the internal HTTP client sends headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the Location: response header value. Sending the same set of headers ...

7.5CVSS5.9AI score0.00046EPSS
Exploits0References4
Rows per page
Query Builder