CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

24 matches found

CVE-2026-39998

Improper Input Validation vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to spoof identity headers. This issue affects Apache APISIX: from 2.12.0 through 3.16.0. Users are recommended to upgrade to version 3.17.0, which fixes the...

8.8CVSS0.00281EPSS

Exploits0References2

Cvelist•added 5 days ago•28 views

CVE-2026-39998 Apache APISIX: Identity Injection via forward-auth Plugin Missing Header Cleanup

5.8CVSS0.00281EPSS

Exploits0References1

EUVD•added 5 days ago•8 views

EUVD-2026-38011

5.8CVSS5.8AI score0.00281EPSS

Exploits0References1

CVE•added 5 days ago•10 views

CVE-2026-39998

CVE-2026-39998 describes an identity-header spoofing issue in Apache APISIX caused by improper input validation in the forward-auth plugin. Affects APISIX releases from 2.12.0 through 3.16.0. Exploitation could enable an attacker to spoof identity headers due to configuration in forward-auth. The...

8.8CVSS5.8AI score0.00281EPSS

Exploits0References2Affected Software1

SUSE CVE•added 2026/05/05 1:45 a.m.•4 views

SUSE CVE-2026-40912

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The middleware matches...

8.2CVSS5.7AI score0.00571EPSS

Exploits1References3

Vulnrichment•added 2026/04/30 8:38 p.m.•3 views

CVE-2026-40912 Traefik: StripPrefixRegex auth bypass via Path/RawPath desync

7.8CVSS5.7AI score0.00571EPSS

Exploits1References4

GithubExploit•added 2026/04/19 5:24 p.m.•113 views

Exploit for Special Element Injection in Apache Apisix

CVE-2026-31908 - Apache APISIX Header Injection Exploit !Se...

9.1CVSS5.8AI score0.00521EPSS

Exploits1

RedhatCVE•added 2026/04/16 1:22 p.m.•5 views

CVE-2026-31908

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

9.1CVSS5.8AI score0.00521EPSS

Exploits1References1

Vulnrichment•added 2026/04/14 8:6 a.m.•0 views

CVE-2026-31908 Apache APISIX: forward auth plugin allows header injection

5.8AI score0.00521EPSS

Exploits1References1

EUVD•added 2026/04/14 8:6 a.m.•2 views

EUVD-2026-22225

5.8AI score0.00521EPSS

Exploits1References1

CVE•added 2026/04/14 8:6 a.m.•24 views

CVE-2026-31908

Apache APISIX (forward-auth plugin) is affected by a header injection vulnerability (CVE-2026-31908) tracked across multiple feeds. Affects versions 2.12.0 through 3.15.0; exploitation arises from improper sanitization of CRLF sequences in the forward-auth plugin, enabling injection of HTTP heade...

9.1CVSS5.8AI score0.00521EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/04/14 8:6 a.m.•24 views

CVE-2026-31908 Apache APISIX: forward auth plugin allows header injection

0.00521EPSS

Exploits1References1

SUSE CVE•added 2026/03/10 12:24 a.m.•1 views

SUSE CVE-2026-30851

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forwardauth copyheaders does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2...

8.8CVSS5.7AI score0.00249EPSS

Exploits1References4

OSV•added 2026/03/07 4:28 p.m.•8 views

CVE-2026-30851 Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

8.1CVSS5.7AI score0.00249EPSS

Exploits1References6

Github Security Blog•added 2026/03/06 11:38 p.m.•10 views

Caddy forward_auth copy_headers Does Not Strip Client-Supplied Headers, Allowing Identity Injection and Privilege Escalation

Summary Caddy's forwardauth directive with copyheaders generates conditional header-set operations that only fire when the upstream auth service includes the named header in its response. No delete or remove operation is generated for the original client-supplied request header with the same name...

8.8CVSS5.9AI score0.00249EPSS

Exploits1References6Affected Software1

ATTACKERKB•added 2026/03/05 4:15 p.m.•4 views

CVE-2026-26998

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing the ForwardAuth middleware responses. When Traefik is configured to use the ForwardAuth middleware, the response body from the authentication server is...

4.4CVSS5.8AI score0.00451EPSS

Exploits0References4Affected Software1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-30440

Malicious code in bioql PyPI...

6.3CVSS6.5AI score0.01065EPSS

Exploits0References3

RedhatCVE•added 2025/02/14 11:39 a.m.•9 views

CVE-2024-32638

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Apache APISIX when using forward-auth plugin.This issue affects Apache APISIX: from 3.8.0, 3.9.0. Users are recommended to upgrade to version 3.8.1, 3.9.1 or higher, which fixes the issue...

6.3CVSS6.9AI score0.01065EPSS

Exploits0References1

OSV•added 2024/05/04 7:16 a.m.•22 views

BIT-APISIX-2024-32638 Apache APISIX: Forward-Auth Request Smuggling

6.3CVSS6.3AI score0.01065EPSS

Exploits0References3

NVD•added 2024/05/02 10:15 a.m.•13 views

CVE-2024-32638

6.3CVSS6.6AI score0.01065EPSS

Exploits0References2

Rows per page