103090 matches found

OSV
added 2026/05/07 5:06 a.m., 7 views

MGASA-2026-0111 Updated nginx packages fix security vulnerabilities

Buffer overflow in ngx_http_dav_module CVE-2026-27654; buffer overflow in the ngx_http_mp4_module CVE-2026-27784; buffer overflow in the ngx_http_mp4_module CVE-2026-32647; NULL pointer dereference while using CRAM-MD5 or APOP CVE-2026-27651; injection in auth_http and XCLIENT CVE-2026-28753; OCSP result bypass...

CVSS 8.8, AI score 7.5, EPSS 0.07865
Exploits: 0, References: 3
OSV
added 2026/05/07 5:06 a.m., 8 views

MGASA-2026-0120 Updated perl-Starlet packages fix security vulnerability

Starlet versions through 0.31 for Perl allow HTTP Request Smuggling via Improper Header Precedence. CVE-2026-40561...

CVSS 5.3, AI score 5.8, EPSS 0.00378
Exploits: 0, References: 4
Mageia
added 2026/05/07 5:06 a.m., 24 views

Updated perl-Starlet packages fix security vulnerability

Starlet versions through 0.31 for Perl allow HTTP Request Smuggling via Improper Header Precedence. CVE-2026-40561...

CVSS 5.3, AI score 5.8, EPSS 0.00378
Exploits: 0, References: 3
EUVD
added 2026/05/07 3:52 a.m., 6 views

EUVD-2026-26716

Bandit HTTP/2 Frame Size Limit Bypass via Late Buffer Check Enables Memory Exhaustion...

CVSS 6.9, AI score 5.8, EPSS 0.0051
Exploits: 0, References: 5
Github Security Blog
added 2026/05/07 3:52 a.m., 9 views

Bandit HTTP/2 Frame Size Limit Bypass via Late Buffer Check Enables Memory Exhaustion

Summary Bandit's HTTP/2 parser checks frame size after it has already buffered the full body, instead of when it sees the 9-byte header. A peer can announce a 16 MiB frame on a connection that agreed to 16 KiB frames and the server will silently buffer up to 1024× the agreed budget per connection...

CVSS 6.9, AI score 5.9, EPSS 0.0051
Exploits: 0, References: 6, Affected Software: 1
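The late frame-size check the Bandit advisory describes, next to the same check done at the 9-byte header, as an added example that is not Bandit's code (Bandit is written in Elixir; this is a Python model of the two behaviours). The byte-counting socket stand-in, the frame encoder and the constructed oversized DATA frame are this example's own; the 16 KiB default, the 24-bit length field and the FRAME_SIZE_ERROR outcome follow RFC 9113 section 4.2.

```python
"""HTTP/2 frame-size check at the 9-byte header, before the payload is buffered.

Added example; not Bandit's code. The late-check reader buffers the announced payload
and only then compares it to the negotiated limit, so an oversized announcement costs
memory before it is rejected. The early-check reader rejects at the header and never
reads past the 9 bytes.
"""
import io

FRAME_HEADER_LEN = 9
DEFAULT_MAX_FRAME_SIZE = 1 << 14      # 16 KiB, the initial SETTINGS_MAX_FRAME_SIZE value
MAX_ANNOUNCEABLE = (1 << 24) - 1      # the 24-bit length field tops out just under 16 MiB


class FrameSizeError(Exception):
    """Would map to a GOAWAY with FRAME_SIZE_ERROR on a real connection."""


class CountingStream:
    """Socket stand-in (constructed for this example): serves bytes and records how many."""

    def __init__(self, data: bytes):
        self._buf = io.BytesIO(data)
        self.bytes_read = 0

    def read(self, n: int) -> bytes:
        chunk = self._buf.read(n)
        self.bytes_read += len(chunk)
        return chunk


def encode_frame_header(length: int, ftype: int, flags: int, stream_id: int) -> bytes:
    """24-bit length, 8-bit type, 8-bit flags, reserved bit plus 31-bit stream id."""
    if not 0 <= length <= MAX_ANNOUNCEABLE:
        raise ValueError("length does not fit in 24 bits")
    return (length.to_bytes(3, "big")
            + bytes([ftype & 0xFF, flags & 0xFF])
            + (stream_id & 0x7FFFFFFF).to_bytes(4, "big"))


def parse_frame_header(hdr: bytes):
    """Return (length, type, flags, stream_id) from a 9-byte header."""
    if len(hdr) != FRAME_HEADER_LEN:
        raise ValueError("short read on frame header")
    length = int.from_bytes(hdr[0:3], "big")
    stream_id = int.from_bytes(hdr[5:9], "big") & 0x7FFFFFFF
    return length, hdr[3], hdr[4], stream_id


def read_frame_late_check(stream, max_frame_size=DEFAULT_MAX_FRAME_SIZE):
    """The pattern in the advisory: buffer the announced payload, then compare to the limit."""
    length, ftype, flags, sid = parse_frame_header(stream.read(FRAME_HEADER_LEN))
    payload = stream.read(length)          # memory is spent here, up to 1024x the budget
    if length > max_frame_size:            # too late to prevent the allocation
        raise FrameSizeError(length)
    return ftype, flags, sid, payload


def read_frame_early_check(stream, max_frame_size=DEFAULT_MAX_FRAME_SIZE):
    """Reject at the header: nothing beyond the 9 bytes is read for an oversized frame."""
    length, ftype, flags, sid = parse_frame_header(stream.read(FRAME_HEADER_LEN))
    if length > max_frame_size:
        raise FrameSizeError(length)
    payload = stream.read(length)
    if len(payload) != length:
        raise ValueError("connection closed mid-frame")
    return ftype, flags, sid, payload


def outcome(reader, data: bytes):
    """Run one reader over a constructed frame; return ('accepted'|'rejected', bytes consumed)."""
    s = CountingStream(data)
    try:
        reader(s)
        return "accepted", s.bytes_read
    except FrameSizeError:
        return "rejected", s.bytes_read


if __name__ == "__main__":
    # Constructed input: a DATA frame announcing the maximum 24-bit length on a 16 KiB budget.
    oversized = encode_frame_header(MAX_ANNOUNCEABLE, 0x0, 0x0, 1) + bytes(MAX_ANNOUNCEABLE)
    print("late check :", outcome(read_frame_late_check, oversized))
    print("early check:", outcome(read_frame_early_check, oversized))
```

Both readers reject the frame; the difference is the byte count at the moment of rejection, which is the whole point of the advisory: the limit is only useful if it is applied before the allocation it is meant to bound.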
EUVD
added 2026/05/07 3:47 a.m., 5 views

EUVD-2026-26714

Bandit trusts client-supplied URI scheme on plaintext connections...

CVSS 6.3, AI score 5.8, EPSS 0.00454
Exploits: 0, References: 5
OSV
added 2026/05/07 3:47 a.m., 6 views

GHSA-375F-4R2H-F99J Bandit trusts client-supplied URI scheme on plaintext connections

Summary Bandit reflects the client-supplied URI scheme into conn.scheme without verifying the actual transport. Over a plaintext HTTP/1.1 connection or h2c, an unauthenticated attacker can send an absolute-form request target like GET https://victim/path HTTP/1.1 and the application observes...

CVSS 6.3, AI score 5.9, EPSS 0.00454
Exploits: 0, References: 6
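The scheme-reflection problem in the entry above, modelled as an added Python example that is not Bandit's code. The reflected variant copies the scheme out of an absolute-form request-target; the hardened variant takes the scheme from whether the socket is TLS and rejects a request-target that claims otherwise. Rejecting on disagreement, and rejecting a Host header that contradicts the absolute-form authority, are this example's assumed policy; the hostnames are constructed.

```python
"""Taking the request scheme from the transport, not from an absolute-form request-target.

Added example; not Bandit's code. Over plaintext HTTP/1.1 or h2c a client can send
`GET https://victim/path HTTP/1.1`; a server that copies that scheme into its connection
state then believes it is serving https. Here the scheme always comes from the transport.
"""
from typing import Dict, Optional
from urllib.parse import urlsplit


class BadRequest(Exception):
    """Would become a 400 response."""


def split_request_target(target: str):
    """Return (scheme_in_target, authority, path_and_query); the first two are None for origin-form."""
    if target.startswith("/"):
        return None, None, target
    p = urlsplit(target)
    if p.scheme.lower() not in ("http", "https") or not p.netloc:
        raise BadRequest(f"unsupported request-target {target!r}")
    path = p.path or "/"
    if p.query:
        path += "?" + p.query
    return p.scheme.lower(), p.netloc.lower(), path


def scheme_as_reflected(request_line: str, tls: bool) -> str:
    """The vulnerable pattern: the client's scheme wins whenever the target is absolute-form."""
    _method, target, _version = request_line.split(" ")
    scheme_in_target, _authority, _path = split_request_target(target)
    return scheme_in_target or ("https" if tls else "http")


def request_info(request_line: str, tls: bool, host_header: Optional[str] = None) -> Dict[str, str]:
    """Hardened: scheme from the transport, authority from the target or Host, disagreement rejected."""
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise BadRequest("malformed request line")
    method, target, version = parts
    scheme_in_target, authority, path = split_request_target(target)
    actual = "https" if tls else "http"
    if scheme_in_target is not None and scheme_in_target != actual:
        raise BadRequest(f"request-target claims {scheme_in_target} on a {actual} connection")
    if authority is None:
        if not host_header:
            raise BadRequest("origin-form target without Host")
        authority = host_header.strip().lower()
    elif host_header and host_header.strip().lower() != authority:
        # Assumed policy for an origin server: a Host that contradicts the absolute-form
        # authority is surfaced rather than silently overridden.
        raise BadRequest("Host header disagrees with absolute-form authority")
    return {"method": method, "scheme": actual, "authority": authority, "path": path, "version": version}


def classify(request_line: str, tls: bool, host_header: Optional[str] = None) -> str:
    """Helper for offline checks: the scheme the application would act on, or 'rejected'."""
    try:
        return request_info(request_line, tls, host_header)["scheme"]
    except BadRequest:
        return "rejected"


if __name__ == "__main__":
    line = "GET https://victim.example/path HTTP/1.1"     # constructed request line
    print("reflected over plaintext:", scheme_as_reflected(line, tls=False))
    print("hardened over plaintext :", classify(line, tls=False))
    print("hardened over TLS       :", classify(line, tls=True))
```

Anything downstream that keys on the scheme, such as Secure cookie handling or building redirect and canonical URLs, should read the value the hardened function returns, never the request line.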
EUVD
added 2026/05/07 3:46 a.m., 5 views

EUVD-2026-26712

Bandit is vulnerable to CL.CL request smuggling via unrejected duplicate Content-Length header...

CVSS 6.3, AI score 5.8, EPSS 0.00518
Exploits: 0, References: 5
vulnersOsv
added 2026/05/07 1:49 a.m., 4 views

adk-utils (=0.0.1), admyral (>=0.1.0 <=0.1.43) +97 more potentially affected by CVE-2026-44503 via microsoft-kiota-http (>=1.10.2 <=1.9.2)

microsoft-kiota-http PYPI version =1.10.2, =0.1.0, =0.2.9, =0.2.9, =0.2.9, =20221202.9.0, =0.2.0, =10.1.0, =3.0.1, =3.0.1, =0.1.1, =0.2.1, =0.1.0, =2.0.0 and more Source cves: CVE-2026-44503 Source advisory: SNYK:PYTHON-MICROSOFTKIOTAHTTP-16699940...

CVSS 7, AI score 5.4, EPSS 0.00505
Exploits: 0
vulnersOsv
added 2026/05/07 1:49 a.m., 5 views

adk-utils (=0.0.1), admyral (>=0.1.0 <=0.1.43) +103 more potentially affected by CVE-2026-44503 via microsoft-kiota-http (>=0.4.4 <=1.9.2)

microsoft-kiota-http PYPI version =0.4.4, =0.1.0, =0.2.9, =0.2.9, =0.2.9, =20221202.9.0, =0.2.0, =10.1.0, =2.4.2, =2.4.2, =3.0.1, =0.1.1, =0.2.0 and more Source cves: CVE-2026-44503 Source advisory: OSV:GHSA-7J59-V9QR-6FQ9...

CVSS 7, AI score 5.4, EPSS 0.00505
Exploits: 0
Snyk
added 2026/05/07 1:49 a.m., 5 views

Open Redirect

Overview microsoft-kiota-http is a Python HTTP implementation built on the HTTPX library. Affected versions of this package are vulnerable to Open Redirect in the RedirectHandler function. An attacker can obtain sensitive information such as session cookies, proxy credentials, and API keys by inducing a...

CVSS 7, AI score 5.8, EPSS 0.00505
Exploits: 0, References: 2
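A redirect follower that does not carry credentials across origins, as an added example that is not microsoft-kiota-http's RedirectHandler. The Snyk entry above does not spell out the rule that was missing; the policy modelled here (drop Authorization, Proxy-Authorization and Cookie when the Location points at a different scheme, host or port; refuse an https to http downgrade; bound the chain) is this example's assumption. The responder and the api.example.com / attacker.example routes are constructed stand-ins for the network.

```python
"""Dropping credentials when a redirect leaves the origin that received them.

Added example; not the kiota code. `follow` walks a redirect chain using a responder
callable in place of sockets, and `next_hop` decides which headers may travel to the
next URL.
"""
from typing import Callable, Dict, Optional, Tuple
from urllib.parse import urljoin, urlsplit

SENSITIVE_HEADERS = frozenset({"authorization", "proxy-authorization", "cookie"})
REDIRECT_STATUSES = {301, 302, 303, 307, 308}
MAX_REDIRECTS = 5

# A responder maps a URL to (status, Location header or None).
Responder = Callable[[str], Tuple[int, Optional[str]]]


class RedirectRefused(Exception):
    pass


def origin(url: str) -> Tuple[str, str, int]:
    """(scheme, host, port) with the default port filled in, for same-origin comparison."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    port = p.port if p.port is not None else (443 if scheme == "https" else 80)
    return scheme, (p.hostname or "").lower(), port


def next_hop(current_url: str, headers: Dict[str, str], location: str) -> Tuple[str, Dict[str, str]]:
    """Resolve Location against the current URL and strip credentials if the origin changes."""
    target = urljoin(current_url, location)
    src, dst = origin(current_url), origin(target)
    if src[0] == "https" and dst[0] != "https":
        raise RedirectRefused(f"refusing https->{dst[0]} downgrade to {target}")
    if dst != src:
        headers = {k: v for k, v in headers.items() if k.lower() not in SENSITIVE_HEADERS}
    return target, headers


def follow(url: str, headers: Dict[str, str], responder: Responder, max_redirects: int = MAX_REDIRECTS):
    """Walk a redirect chain; return (final_url, headers that would be sent there, hops taken)."""
    hops = 0
    while True:
        status, location = responder(url)
        if status not in REDIRECT_STATUSES or not location:
            return url, headers, hops
        hops += 1
        if hops > max_redirects:
            raise RedirectRefused(f"more than {max_redirects} redirects starting at {url}")
        url, headers = next_hop(url, headers, location)


def sent_headers(url: str, headers: Dict[str, str], responder: Responder) -> Dict[str, str]:
    """Helper for offline checks: headers at the end of the chain, or {'refused': reason}."""
    try:
        return follow(url, headers, responder)[1]
    except RedirectRefused as exc:
        return {"refused": str(exc)}


# Constructed scenario: one internal redirect on the API host, then an attacker-influenced
# Location pointing off-origin; both hostnames use reserved example names.
DEMO_ROUTES = {
    "https://api.example.com/v1/me": (302, "/v1/profile"),
    "https://api.example.com/v1/profile": (302, "https://attacker.example/collect"),
    "https://attacker.example/collect": (200, None),
    "https://api.example.com/v1/plain": (302, "http://api.example.com/v1/plain"),
}


def demo_responder(url: str):
    return DEMO_ROUTES.get(url, (404, None))


if __name__ == "__main__":
    creds = {"Authorization": "Bearer example-token", "Cookie": "session=abc", "Accept": "application/json"}
    print(follow("https://api.example.com/v1/me", creds, demo_responder))
```

The same-origin hop keeps the credentials, the off-origin hop arrives at attacker.example with only the Accept header, and the downgrade route is refused rather than followed with stripped headers, because a plaintext hop exposes the request itself, not just its credentials.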
GithubExploit
added 2026/05/07 1:47 a.m., 67 views

Exploit for CVE-2026-43585

CVE-2026-43585 Overview Prior to version 2026.4.15, OpenC...

CVSS 9.2, AI score 5.8, EPSS 0.0054
Exploits: 1
Snyk
added 2026/05/07 12:46 a.m., 12 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) in the HttpContentDecompressor and DelegatingDecompressorFrameListener components when the Content-Encoding header is set to br, zstd, or snappy. An attacker can exhaust...

CVSS 8.7, AI score 5.8, EPSS 0.00545
Exploits: 1, References: 2
Snyk
added 2026/05/07 12:46 a.m., 11 views

Improper Handling of Highly Compressed Data (Data Amplification)

Overview io.netty:netty-codec-http2 is an HTTP/2 sub-package of the Netty library, an event-driven asynchronous network application framework. Affected versions of this package are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) in the HttpContentDecompressor and...

CVSS 8.7, AI score 5.8, EPSS 0.00545
Exploits: 1, References: 2
vulnersOsv
added 2026/05/07 12:46 a.m., 5 views

ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2845 more potentially affected by CVE-2026-42587 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)

io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42587 Source advisory: OSV:GHSA-F6HV-JMP6-3VWV...

CVSS 7.5, AI score 6.8, EPSS 0.00545
Exploits: 1
vulnersOsv
added 2026/05/07 12:46 a.m., 6 views

ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23724 more potentially affected by CVE-2026-42587 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.132.Final)

io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...

CVSS 7.5, AI score 6.8, EPSS 0.00545
Exploits: 1
OSV
added 2026/05/07 12:46 a.m., 10 views

GHSA-F6HV-JMP6-3VWV Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS

Summary HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate encodings via ZlibDecoder, but is silently ignored when the content encoding is br (Brotli), zstd, or...

CVSS 7.5, AI score 5.9, EPSS 0.00545
Exploits: 1, References: 3
Github Security Blog
added 2026/05/07 12:46 a.m., 13 views

Netty: HttpContentDecompressor maxAllocation bypass when Content-Encoding set to br/zstd/snappy leads to decompression bomb DoS

Summary HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size and prevent decompression bomb attacks. This limit is correctly enforced for gzip and deflate encodings via ZlibDecoder, but is silently ignored when the content encoding is br (Brotli), zstd, or...

CVSS 7.5, AI score 5.9, EPSS 0.00545
Exploits: 1, References: 3, Affected Software: 2
vulnersOsv
added 2026/05/07 12:22 a.m., 11 views

ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23724 more potentially affected by CVE-2026-42585 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.132.Final)

io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...

CVSS 7.5, AI score 6.8, EPSS 0.00248
Exploits: 1
OSV
added 2026/05/07 12:22 a.m., 5 views

GHSA-38F8-5428-X5CV Netty vulnerable to HTTP Request Smuggling due to malformed Transfer-Encoding

Summary Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. Details Netty incorrectly marks a request as chunked when malformed "Transfer-Encoding: chunked, identity" is present. According to RFC...

CVSS 6.5, AI score 6, EPSS 0.00248
Exploits: 1, References: 4
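An HTTP/1.1 body-framing decision that rejects the ambiguous cases behind three of the entries on this page, as one added Python example that is not Bandit's, Netty's or Starlet's code: more than one Content-Length (the Bandit CL.CL entry), a Transfer-Encoding list in which chunked is not the final coding (the Netty "chunked, identity" entry above), and Transfer-Encoding together with Content-Length, where RFC 9112 section 6.3 gives Transfer-Encoding precedence and permits rejection (the Starlet entries say only "improper header precedence"; that this is the relevant rule is my assumption). The policy of rejecting every ambiguous message rather than choosing a winner is the example's own, and the sample requests are constructed.

```python
"""Deciding how an HTTP/1.1 request body is delimited, rejecting the ambiguous cases.

Added example; not the code of any project on this page. Rules applied, all from
RFC 9112 section 6: Transfer-Encoding and Content-Length together is rejected
(the RFC lets a server do so, and a proxy in front may pick the other header);
chunked must be the final transfer-coding; Content-Length must be a single plain
decimal, so duplicates and comma lists are rejected even when the values agree.
"""
from typing import List, Tuple

CRLF = b"\r\n"


class FramingError(Exception):
    """Would become 400 Bad Request plus connection close."""


def parse_head(raw: bytes) -> Tuple[str, List[Tuple[str, str]]]:
    """Split request line and header fields; keeps duplicates and their order, folds nothing."""
    head, sep, _body = raw.partition(CRLF + CRLF)
    if not sep:
        raise FramingError("no end of headers")
    try:
        lines = head.decode("ascii").split("\r\n")
    except UnicodeDecodeError:
        raise FramingError("non-ASCII byte in request head")
    request_line, field_lines = lines[0], lines[1:]
    headers = []
    for line in field_lines:
        name, colon, value = line.partition(":")
        if not colon or not name or name != name.strip():
            # missing colon, empty name, obs-fold (leading SP) or "Name :" (SP before colon)
            raise FramingError(f"bad header line {line!r}")
        headers.append((name.lower(), value.strip()))
    return request_line, headers


def body_framing(headers: List[Tuple[str, str]]) -> Tuple[str, int]:
    """Return ('chunked', 0), ('length', n) or ('none', 0); raise FramingError when ambiguous."""
    te_values = [v for k, v in headers if k == "transfer-encoding"]
    cl_values = [v for k, v in headers if k == "content-length"]

    if te_values and cl_values:
        raise FramingError("both Transfer-Encoding and Content-Length present")

    if te_values:
        codings = [c.strip().lower() for v in te_values for c in v.split(",")]
        if "" in codings:
            raise FramingError("empty transfer-coding in list")
        if codings[-1] != "chunked":
            # "chunked, identity" lands here: chunked is not final, so the length is undeterminable
            raise FramingError(f"chunked is not the final transfer-coding: {codings}")
        if codings.count("chunked") != 1:
            raise FramingError("chunked applied more than once")
        return "chunked", 0

    if cl_values:
        if len(cl_values) != 1 or "," in cl_values[0]:
            raise FramingError(f"multiple Content-Length values: {cl_values}")
        value = cl_values[0]
        if not value.isdigit():
            raise FramingError(f"Content-Length is not a plain decimal: {value!r}")
        return "length", int(value)

    return "none", 0


def classify(raw: bytes) -> str:
    """Helper for offline checks: 'chunked', 'length:N', 'none' or 'reject:<reason>'."""
    try:
        _line, headers = parse_head(raw)
        kind, n = body_framing(headers)
    except FramingError as exc:
        return f"reject:{exc}"
    return f"length:{n}" if kind == "length" else kind


# Constructed requests, one per rule.
SAMPLES = {
    "cl.cl": b"POST / HTTP/1.1\r\nHost: h\r\nContent-Length: 5\r\nContent-Length: 11\r\n\r\n",
    "te.chunked.identity": b"POST / HTTP/1.1\r\nHost: h\r\nTransfer-Encoding: chunked, identity\r\n\r\n",
    "te.cl": b"POST / HTTP/1.1\r\nHost: h\r\nTransfer-Encoding: chunked\r\nContent-Length: 4\r\n\r\n",
    "gzip.chunked": b"POST / HTTP/1.1\r\nHost: h\r\nTransfer-Encoding: gzip, chunked\r\n\r\n",
    "plain.cl": b"POST / HTTP/1.1\r\nHost: h\r\nContent-Length: 5\r\n\r\nhello",
    "no.body": b"GET / HTTP/1.1\r\nHost: h\r\n\r\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:22} {classify(raw)}")
```

The rejections are deliberately stricter than the minimum the RFC requires: a server that collapses identical Content-Length duplicates or quietly prefers one header is only safe if every hop in front of it makes the identical choice, which is exactly what the smuggling entries on this page show cannot be assumed.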