CVE
added 2026/04/10 7:23 p.m. | 661 views

CVE-2026-40175

CVE-2026-40175 – Axios: Multiple connected sources confirm a vulnerability in Axios prior to 1.15.0 and 0.3.1 where a specific “Gadget” attack chain enables Prototype Pollution that can be escalated to Remote Code Execution or Full Cloud Compromise (e.g., via AWS IMDSv2 bypass). Public PoCs and ...

CVSS 4.8 | AI score 6.8 | EPSS 0.00063
Exploits 5 | References 9 | Affected software 1
Cvelist
added 2026/04/10 7:23 p.m. | 46 views

CVE-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain

Axios is a promise-based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

CVSS 4.8 | EPSS 0.00063
Exploits 5 | References 7
Vulnrichment
added 2026/04/10 7:23 p.m. | 5 views

CVE-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain

Axios is a promise-based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

CVSS 4.8 | AI score 6.8 | EPSS 0.00063
Exploits 5 | References 7
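The three CVE-2026-40175 entries above describe the same mechanism: a prototype-pollution gadget in a dependency writes a property onto Object.prototype, and a header merge that walks inherited keys turns that property into an outbound request header. The block below is an added illustration of that mechanism in generic JavaScript; it is not Axios source code and makes no claim about which Axios function was affected. The unsafe deep merge, the header names and the "attacker-controlled" value are constructed for the demo.

```javascript
// Added example (not Axios code): a property written onto Object.prototype by a
// pollution gadget leaks into an outbound header set when headers are merged with
// for...in and no own-property check. Names and values are constructed for the demo.

// Stands in for the upstream gadget: a recursive merge that follows "__proto__"
// into Object.prototype. JSON.parse produces an own key literally named "__proto__",
// and target["__proto__"] resolves to Object.prototype, which is all a primitive needs.
function unsafeDeepMerge(target, source) {
  for (const key in source) {
    if (typeof source[key] === 'object' && source[key] !== null) {
      if (typeof target[key] !== 'object' || target[key] === null) target[key] = {};
      unsafeDeepMerge(target[key], source[key]);
    } else {
      target[key] = source[key];
    }
  }
  return target;
}

// Vulnerable merge: for...in walks the prototype chain, so an inherited key that
// the gadget planted becomes a header like any other.
function mergeHeadersUnsafe(...sources) {
  const out = {};
  for (const src of sources) {
    for (const key in src) {
      out[key] = src[key];
    }
  }
  return out;
}

// Hardened merge: own enumerable keys only, a null-prototype target so the result
// cannot inherit anything either, and CR/LF/NUL rejected so a stray value cannot
// split or inject header lines on the wire.
function mergeHeadersSafe(...sources) {
  const out = Object.create(null);
  for (const src of sources) {
    for (const key of Object.keys(src)) {
      const value = String(src[key]);
      if (/[\r\n\0]/.test(key) || /[\r\n\0]/.test(value)) {
        throw new TypeError(`refusing header ${JSON.stringify(key)}: control bytes in name or value`);
      }
      out[key.toLowerCase()] = value;
    }
  }
  return out;
}

// Pollute, merge both ways, then undo the pollution so the demo leaves no trace.
function demonstrate() {
  const gadgetInput = '{"__proto__": {"x-injected": "attacker-controlled"}}'; // constructed
  unsafeDeepMerge({}, JSON.parse(gadgetInput));
  try {
    const defaults = { accept: 'application/json' };
    return {
      unsafe: mergeHeadersUnsafe(defaults),
      safe: mergeHeadersSafe(defaults),
    };
  } finally {
    delete Object.prototype['x-injected'];
  }
}

console.log(demonstrate());
```

The two merges receive identical input; only the unsafe one emits `x-injected`. In a real client the same leak would apply to any header a gadget can plant, which is why the fix is structural (own keys, null prototype, control-byte check) rather than a deny-list of header names.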
Github Security Blog
added 2026/04/10 7:23 p.m. | 2 views

PraisonAI has Unrestricted Upload Size in WSGI Recipe Registry Server that Enables Memory Exhaustion DoS

Summary: The WSGI-based recipe registry server (server.py) reads the entire HTTP request body into memory based on the client-supplied Content-Length header, with no upper bound. Combined with authentication being disabled by default (no token configured), any local process can send arbitrarily large...

CVSS 7.5 | AI score 5.8 | EPSS 0.00076
Exploits 1 | References 4 | Affected software 1
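The defect in the entry above is a body read sized by whatever Content-Length the client sends. The added example below shows the bounded read a practitioner would want: the declared length is capped before any allocation, and the bytes actually received are counted against the same cap because the header is client-supplied and may lie. It is generic JavaScript, not PraisonAI's server.py; MAX_BODY_BYTES, the HttpError shape and the sample requests are assumptions for the demo.

```javascript
// Added example (not PraisonAI code): a request-body reader that enforces an
// upper bound twice, once on the declared Content-Length and again on the bytes
// actually received. The limit and sample requests are constructed for the demo.

const MAX_BODY_BYTES = 64 * 1024;

class HttpError extends Error {
  constructor(status, message) {
    super(message);
    this.status = status;
  }
}

// Content-Length must be a plain decimal; anything else is a framing attack or a bug.
function parseContentLength(raw) {
  if (raw === undefined) return undefined;
  if (!/^\d{1,15}$/.test(raw)) throw new HttpError(400, 'malformed Content-Length');
  return Number(raw);
}

// chunks: any iterable of Buffers (a socket stream in practice).
function readBodyBounded(headers, chunks, maxBytes = MAX_BODY_BYTES) {
  const declared = parseContentLength(headers['content-length']);
  if (declared !== undefined && declared > maxBytes) {
    throw new HttpError(413, `declared body ${declared} exceeds limit ${maxBytes}`);
  }
  const parts = [];
  let received = 0;
  for (const chunk of chunks) {
    received += chunk.length;
    // Count real bytes: a client can declare 10 and then keep sending.
    if (received > maxBytes) throw new HttpError(413, `body exceeds limit ${maxBytes}`);
    if (declared !== undefined && received > declared) {
      throw new HttpError(400, 'body longer than Content-Length');
    }
    parts.push(chunk);
  }
  if (declared !== undefined && received < declared) {
    throw new HttpError(400, 'body shorter than Content-Length');
  }
  return Buffer.concat(parts, received);
}

function* chunked(buf, size) {
  for (let i = 0; i < buf.length; i += size) yield buf.subarray(i, i + size);
}

// Constructed cases: a legitimate 3 KiB upload, a request declaring 8 GiB (never
// allocated), a stream that silently exceeds the cap, and one that lies about length.
function demo() {
  const body = Buffer.alloc(3 * 1024, 0x41);
  const ok = readBodyBounded({ 'content-length': String(body.length) }, chunked(body, 1024));
  const outcomes = {};
  const cases = [
    ['huge-declared', { 'content-length': String(8 * 1024 ** 3) }, []],
    ['oversized-stream', {}, chunked(Buffer.alloc(MAX_BODY_BYTES + 1), 4096)],
    ['lying-length', { 'content-length': '10' }, chunked(body, 1024)],
  ];
  for (const [name, headers, chunks] of cases) {
    try {
      readBodyBounded(headers, chunks);
      outcomes[name] = 200;
    } catch (e) {
      if (!(e instanceof HttpError)) throw e;
      outcomes[name] = e.status;
    }
  }
  return { okLength: ok.length, outcomes };
}

console.log(demo());
```

The second check matters as much as the first: a server that only validates the header still allocates and buffers whatever arrives when the body is chunked or the client simply keeps writing. The advisory's other half, authentication being off by default, is a separate control; a body cap limits the damage any caller can do whether or not they hold a token.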
EUVD
added 2026/04/10 6:31 p.m. | 1 views

EUVD-2026-21519

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 5
NVD
added 2026/04/10 6:16 p.m. | 3 views

CVE-2026-1502

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | EPSS 0.00023
Exploits 0 | References 8
OSV
added 2026/04/10 6:16 p.m. | 1 views

DEBIAN-CVE-2026-1502

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.2 | EPSS 0.00023
Exploits 0 | References 1
OSV
added 2026/04/10 6:16 p.m. | 3 views

UBUNTU-CVE-2026-1502

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 8
ATTACKERKB
added 2026/04/10 5:54 p.m. | 4 views

CVE-2026-1502

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 6 | Affected software 1
CVE
added 2026/04/10 5:54 p.m. | 23 views

CVE-2026-1502

The CVE-2026-1502 entry concerns CR/LF bytes not being rejected in HTTP client proxy tunnel headers or the tunnel host, as described in both the CVE record and the CVE-List entry. The connected documents indicate this is related to HTTP client proxy tunnel header validation, without providing specific affec...

CVSS 5.7 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 8
OSV
added 2026/04/10 5:54 p.m. | 5 views

PSF-2026-15

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.8 | EPSS 0.00023
Exploits 0 | References 7
Snyk
added 2026/04/10 5:54 p.m. | 4 views

CRLF Injection

Overview: Affected versions of this package are vulnerable to CRLF Injection via improper validation of HTTP client proxy tunnel headers or host fields. An attacker who controls those values can inject arbitrary HTTP headers into the tunnel request. Remediation: A fix was pushed into the master branch but not yet published. References - GitHub...

CVSS 8.4 | AI score 5.9 | EPSS 0.00023
Exploits 0 | References 2
Debian CVE
added 2026/04/10 5:54 p.m. | 1 views

CVE-2026-1502

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

CVSS 5.7 | AI score 5.2 | EPSS 0.00023
Exploits 0
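Every CVE-2026-1502 entry above (EUVD, NVD, the Debian and Ubuntu OSV records, AttackerKB, PSF-2026-15, Snyk) reduces to one sentence: a CR or LF in the proxy tunnel host or in a tunnel header is written onto the wire unchanged, so whoever controls that value controls the next header line of the CONNECT request. The added example below is not the code of any of the affected clients; it builds a CONNECT request in generic JavaScript, once unchecked to show the injected line a proxy would parse, and once with the check the advisories call for. The host, port and the `Proxy-Authorization` value are constructed for the demo.

```javascript
// Added example (not the code of any HTTP client): building a CONNECT request for
// a proxy tunnel and refusing CR, LF and NUL in the tunnel host and tunnel headers.
// The host, port and header values below are constructed for the demo.

const CONTROL_BYTES = /[\r\n\0]/;

function rejectControlBytes(what, value) {
  const s = String(value);
  if (CONTROL_BYTES.test(s)) {
    throw new TypeError(`${what} must not contain CR, LF or NUL: ${JSON.stringify(s)}`);
  }
  return s;
}

// validate=false reproduces the unchecked behaviour so the wire effect is visible.
function buildConnectRequest(host, port, tunnelHeaders = {}, { validate = true } = {}) {
  const check = validate ? rejectControlBytes : (_what, v) => String(v);
  if (!Number.isInteger(port) || port < 1 || port > 65535) {
    throw new RangeError(`invalid tunnel port ${port}`);
  }
  const authority = `${check('tunnel host', host)}:${port}`;
  const lines = [`CONNECT ${authority} HTTP/1.1`, `Host: ${authority}`];
  for (const [name, value] of Object.entries(tunnelHeaders)) {
    lines.push(`${check('tunnel header name', name)}: ${check(`tunnel header ${name}`, value)}`);
  }
  return lines.join('\r\n') + '\r\n\r\n';
}

// Minimal head parser standing in for the proxy: which header lines does it see?
function parseRequestHead(raw) {
  const head = raw.split('\r\n\r\n')[0];
  const [requestLine, ...headerLines] = head.split('\r\n');
  const headers = {};
  for (const line of headerLines) {
    const i = line.indexOf(':');
    if (i > 0) headers[line.slice(0, i).trim().toLowerCase()] = line.slice(i + 1).trim();
  }
  return { requestLine, headers };
}

function demo() {
  // A credential-looking value carrying a CRLF-terminated extra header line.
  const hostile = { 'Proxy-Authorization': 'Basic Zm9vOmJhcg==\r\nX-Injected: 1' };
  const unchecked = parseRequestHead(
    buildConnectRequest('internal.example', 443, hostile, { validate: false }),
  );
  let rejected = false;
  try {
    buildConnectRequest('internal.example', 443, hostile);
  } catch (e) {
    rejected = e instanceof TypeError;
  }
  return { unchecked, rejected };
}

console.log(demo());
```

The check sits at the point where strings become bytes, not at the API boundary, so it also covers a host that arrives via a proxy URL, an environment variable or a redirect. Rejecting with an exception rather than stripping the bytes is deliberate: a silently "cleaned" host would still talk to a different endpoint than the caller asked for.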
Github Security Blog
added 2026/04/10 5:32 p.m. | 1 views

@sveltejs/kit: Unvalidated redirect in handle hook causes Denial-of-Service

redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in an HTTP header, will cause an unhandled TypeError. This could result in DoS on some platforms, especially if the location passed to redirect contains unsanitized user input...

CVSS 7.5 | AI score 5.8 | EPSS 0.00057
Exploits 0 | References 6 | Affected software 1
OSV
added 2026/04/10 5:32 p.m. | 5 views

GHSA-3F6H-2HRP-W5WX @sveltejs/kit: Unvalidated redirect in handle hook causes Denial-of-Service

redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in an HTTP header, will cause an unhandled TypeError. This could result in DoS on some platforms, especially if the location passed to redirect contains unsanitized user input...

CVSS 6.3 | AI score 5.8 | EPSS 0.00057
Exploits 0 | References 6
NVD
added 2026/04/10 5:17 p.m. | 1 views

CVE-2026-40074

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in an HTTP header, will cause an unhandled TypeError. This...

CVSS 7.5 | EPSS 0.00057
Exploits 0 | References 3
NVD
added 2026/04/10 5:17 p.m. | 2 views

CVE-2026-35656

OpenClaw before 2026.3.22 contains an authentication bypass vulnerability in the X-Forwarded-For header processing when trustedProxies is configured, allowing attackers to spoof loopback hops. Remote attackers can inject forged forwarding headers to bypass canvas authentication and rate-limiting...

CVSS 6.5 | EPSS 0.00224
Exploits 0 | References 4
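The OpenClaw entry above is the recurring X-Forwarded-For mistake: once a trusted-proxy list exists, the server honours the header, and the header's leftmost entries are whatever the remote client typed, so a forged "127.0.0.1" hop passes a loopback check. The added example below contrasts that naive derivation with the standard safe one (honour the header only when the TCP peer is a trusted proxy, then walk from the nearest hop backwards). It is generic JavaScript, not OpenClaw's code; the trustedProxies list, the addresses and the loopback check are constructed for the demo and do not describe OpenClaw's actual logic.

```javascript
// Added example (not OpenClaw code): deriving the client address from
// X-Forwarded-For so that a remote client cannot forge a loopback hop.
// trustedProxies and the addresses below are constructed for the demo.

const LOOPBACK = new Set(['127.0.0.1', '::1', '::ffff:127.0.0.1']);

function parseXff(value) {
  return value ? value.split(',').map((s) => s.trim()).filter(Boolean) : [];
}

// Naive pattern: once trustedProxies is configured, honour the header and take
// its first entry. The first entry is whatever the client chose to send.
function clientIpNaive(peerAddress, xff, trustedProxies) {
  if (trustedProxies.length === 0) return peerAddress;
  const chain = parseXff(xff);
  return chain.length ? chain[0] : peerAddress;
}

// Safe derivation: the header is only meaningful if the TCP peer is a proxy we
// trust. Walk the chain from the nearest hop (rightmost) backwards, skipping
// trusted proxies; the first hop we do not trust is the client. Everything to
// its left is unverifiable text that the client or an upstream chose to send.
function clientIpSafe(peerAddress, xff, trustedProxies) {
  const trusted = new Set(trustedProxies);
  if (!trusted.has(peerAddress)) return peerAddress;
  const chain = parseXff(xff);
  for (let i = chain.length - 1; i >= 0; i--) {
    if (!trusted.has(chain[i])) return chain[i];
  }
  // Every hop was trusted, or the header was empty: report the peer itself
  // rather than a forged leftmost entry.
  return peerAddress;
}

// The check the bypass targets: "is this request from a local process?"
function isLocalClient(ip) {
  return LOOPBACK.has(ip);
}

function demo() {
  const trustedProxies = ['10.0.0.2']; // the reverse proxy in front of the app
  const cases = {
    // Attacker connects directly and forges a loopback hop.
    direct: ['203.0.113.5', '127.0.0.1'],
    // Attacker through the real proxy, which appended the true peer on the right.
    viaProxy: ['10.0.0.2', '127.0.0.1, 203.0.113.5'],
    // Genuine local process, no proxy and no header.
    local: ['127.0.0.1', ''],
  };
  const out = {};
  for (const [name, [peer, xff]] of Object.entries(cases)) {
    const naive = clientIpNaive(peer, xff, trustedProxies);
    const safe = clientIpSafe(peer, xff, trustedProxies);
    out[name] = { naive, safe, naiveLocal: isLocalClient(naive), safeLocal: isLocalClient(safe) };
  }
  return out;
}

console.log(demo());
```

Two details carry the fix. First, the peer-address gate: a header from a peer that is not a trusted proxy is ignored outright, so the direct case never consults it. Second, the right-to-left walk: even through a genuine proxy, the attacker-supplied "127.0.0.1" sits to the left of the proxy-appended real address and is never reached. The same derivation should feed rate limiting, since the advisory lists it as bypassed by the same forged header.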
OSV
added 2026/04/10 5:11 p.m. | 0 views

MGASA-2026-0092 Updated python-tornado packages fix security vulnerabilities

Tornado vulnerable to Header Injection and XSS via reason argument. CVE-2025-67724
Tornado is vulnerable to Quadratic DoS via Repeated Header Coalescing. CVE-2025-67725
Tornado is vulnerable to Quadratic DoS via Crafted Multipart Parameters. CVE-2025-67726...

CVSS 7.5 | AI score 6.1 | EPSS 0.00212
Exploits 0 | References 3
Mageia
added 2026/04/10 5:11 p.m. | 2 views

Updated python-tornado packages fix security vulnerabilities

Tornado vulnerable to Header Injection and XSS via reason argument. CVE-2025-67724
Tornado is vulnerable to Quadratic DoS via Repeated Header Coalescing. CVE-2025-67725
Tornado is vulnerable to Quadratic DoS via Crafted Multipart Parameters. CVE-2025-67726...

CVSS 7.5 | AI score 6.6 | EPSS 0.00212
Exploits 0 | References 2
ATTACKERKB
added 2026/04/10 4:26 p.m. | 0 views

CVE-2026-40074

SvelteKit is a framework for rapidly developing robust, performant web applications using Svelte. Prior to 2.57.1, redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in an HTTP header, will cause an unhandled TypeError. This...

CVSS 6.3 | AI score 5.8 | EPSS 0.00057
Exploits 0 | References 4 | Affected software 1