CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/04/24 5:8 p.m.•8 views

CVE-2026-41322

CVE-2026-41322 affects @astrojs/node used with Astro. Prior to 10.0.5, when a malformed/incorrect If-Match header triggers a precondition failure for static files under /_astro/, the underlying stream emits an error after emitting a file event and the server responds with 500 Internal Server Erro...

5.3CVSS5.2AI score0.00056EPSS

Cvelist•added 2026/04/24 5:8 p.m.•26 views

CVE-2026-41322 @astrojs/node: Cache Poisoning due to incorrect error handling when if-match header is malformed

5.3CVSS0.00056EPSS

ATTACKERKB•added 2026/04/24 5:8 p.m.•3 views

CVE-2026-41322

5.3CVSS5.2AI score0.00056EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/04/24 5:8 p.m.•1 views

CVE-2026-41322 @astrojs/node: Cache Poisoning due to incorrect error handling when if-match header is malformed

5.3CVSS5.1AI score0.00056EPSS

OSV•added 2026/04/24 4:44 p.m.•5 views

CLSA-2026-1777049076 tar: Fix of CVE-2019-9923

CVE-2019-9923: fix possible NULL dereference in paxdecodeheader...

7.5CVSS7.3AI score0.004EPSS

Snyk•added 2026/04/24 4:32 p.m.•2 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the ServeHTTP function, which does not sufficiently sanitize X- alias headers. An attacker can gain unauthenticated access to protected endpoints by injecting spoofed trust context with...

10CVSS5.5AI score0.00088EPSS

Github Security Blog•added 2026/04/24 4:32 p.m.•7 views

Traefik: Pre-authentication decision bypass due to forwarded alias spoofing

Summary There is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic targets only canonical header names e.g., X-Forwarded-Proto and does not strip or normalize alias variants that...

10CVSS5.5AI score0.00088EPSS

Exploits1References6Affected Software3

OSV•added 2026/04/24 4:32 p.m.•1 views

GHSA-5M6W-WVH7-57VM Traefik: Pre-authentication decision bypass due to forwarded alias spoofing

10CVSS5.8AI score0.00088EPSS

Exploits1References6

Snyk•added 2026/04/24 4:31 p.m.•1 views

Insufficient Verification of Data Authenticity

Overview Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a trusted upstream proxy. An attacker can gain unauthorized access to protected backend...

Snyk•added 2026/04/24 4:31 p.m.•2 views

Insufficient Verification of Data Authenticity

Snyk•added 2026/04/24 4:31 p.m.•2 views

Insufficient Verification of Data Authenticity

Snyk•added 2026/04/24 4:31 p.m.•3 views

Insufficient Verification of Data Authenticity

Overview github.com/traefik/traefik/v2/pkg/middlewares/auth is a Cloud Native Application Proxy. Affected versions of this package are vulnerable to Insufficient Verification of Data Authenticity in the ForwardAuth middleware when trustForwardHeader is set to false and the deployment is behind a...

Github Security Blog•added 2026/04/24 4:31 p.m.•8 views

Traefik's ForwardAuth trustForwardHeader=false allows spoofed X-Forwarded-Prefix to bypass authentication

Summary There is a high-severity authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is deployed behind a trusted upstream proxy. While X-Forwarded- headers such as X-Forwarded-For, X-Forwarded-Host, and X-Forwarded-Proto...

10CVSS5.6AI score0.00025EPSS

Exploits1References6Affected Software3

Snyk•added 2026/04/24 4:31 p.m.•1 views

Insufficient Verification of Data Authenticity

Snyk•added 2026/04/24 4:31 p.m.•3 views

Insufficient Verification of Data Authenticity