8 matches found
Improper Access Control
Caddy is vulnerable to Improper Access Control. The vulnerability is due to incorrect case-insensitive matching in the HTTP host request matcher when large host lists are configured, allowing attackers to modify the casing of the Host header and bypass host-based routing or associated access...
Linux Distros Unpatched Vulnerability : CVE-2026-27588
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, b...
CVE-2026-27588
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
CVE-2026-27588 Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
CVE-2026-27588 Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
CVE-2026-27588
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
CVE-2026-27588 Caddy: MatchHost becomes case-sensitive for large host lists (>100), enabling host-based route/auth bypass
Caddy is an extensible server platform that uses TLS by default. Prior to version 2.11.1, Caddy's HTTP host request matcher is documented as case-insensitive, but when configured with a large host list 100 entries it becomes case-sensitive due to an optimized matching path. An attacker can bypass...
CVE-2026-27588
Summary (CVE-2026-27588) Caddy (v2.x) vulnerability in the host matcher: when a large allowlist (>100 hosts) is configured, the MatchHost algorithm uses a fast path that enforces a case-sensitive comparison, which makes the host matching effectively case-sensitive and can bypass host-based rou...