CVE-2026-55766

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.1, guzzlehttp/psr7 did not reject CR/LF characters in certain first-party HTTP start-line fields: the request method, protocol version, and response reason phrase. If an application placed attacker-controlled dat...

GHSA-268H-HP4C-CRQ3 Nodemailer: CRLF injection in Nodemailer List-* header comments allows arbitrary message header injection

Summary Nodemailer constructs List- headers from the caller-provided list message option using internally prepared header values. The list..comment field is inserted into those prepared values without removing CR \r or LF \n characters. Because prepared headers bypass the normal header-value...

form-data: CRLF injection in form-data via unescaped multipart field names and filenames

Summary form-data builds multipart/form-data request bodies. Through v4.0.5, the field name passed to FormDataappend and the filename option are concatenated directly into the Content-Disposition header with no escaping of CR \r, LF \n, or ". An application that uses untrusted input as a field na...

DEBIAN-CVE-2026-42850

Kitty is a cross-platform GPU based terminal. In versions prior to 0.47.0, it is possible to inject commands within the subshell through kitty error. A special escape code will make kitty return an error, this error is not escaped and will be correctly echoed back to the terminal with CRLF, as su...

SwiftNIO: CRLF Injection in outbound HTTP request URI via NIOHTTPRequestHeadersValidator

Programs using swift-nio is vulnerable to HTTP request smuggling and HTTP response splitting attacks, caused by insufficient validation of outbound HTTP/1.1 request and response start line components. This vulnerability affects all swift-nio versions from 2.0.0 to 2.99.0. It is fixed in 2.100.0 a...

CVE-2026-43966

Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cowhttpstructhd:escapestring/2 in cowlib only escapes \ and ", passing all other byt...

CVE-2026-49756

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in wojtekmach Req allows multipart parameter smuggling via attacker-influenced part metadata. Req.Utils.encodeformpart/2 in lib/req/utils.ex builds the per-part headers by interpolating the caller-supplied name, filename, an...

CVE-2026-49756

CVE-2026-49756 describes a CRLF injection in Req.Utils.encode_form_part/2 of the Elixir Req library. User-controlled name, filename, or content_type are interpolated into Content-Disposition and Content-Type without escaping, allowing CRLFs to terminate header lines and add smuggled parts. This e...

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 - cPanel/WHM Authentication Bypass This reposi...

OPENSUSE-SU-2026:20895-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2026-1801: Use CRLF as line boundary when parsing chunk encoding data bsc1257649...

EUVD-2026-34012

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.partheadersfordisposition/1 interpolates each disposition parameter as k="v" with no validation of CR \r, LF \n, o...

CVE-2026-48598 CRLF injection in Tesla.Multipart disposition parameters allows multipart part header injection

Improper Encoding or Escaping of Output vulnerability in elixir-tesla tesla allows multipart part header injection via unescaped Content-Disposition parameter values. Tesla.Multipart.partheadersfordisposition/1 interpolates each disposition parameter as k="v" with no validation of CR \r, LF \n, o...

CVE-2026-47072

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackneyws.erl copies the host, path, headers ExtraHeaders, and protocols options from the caller-supplied opts map into the interna...

CVE-2026-43882

WWBN AVideo is an open source video platform. In versions up to and including 29.0, the unauthenticated plugin/Scheduler/downloadICS.php endpoint passes attacker-controlled title, description, and joinURL parameters into Scheduler::downloadICS, which builds an ICS calendar file via the ICS helper...

ninenines cowlib: Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability allows SSE event splitting and injection via unvalidated field values

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in ninenines cowlib allows SSE event splitting and injection via unvalidated field values. cowsse:event/1 in cowlib guards the id and event fields against \n but not against bare \r, and the internal prefixlines/2 function...

CVE-2026-7010

HTTP::Tiny for Perl is vulnerable in versions before 0.093 due to failure to validate CRLF in HTTP request lines and certain header values (method/URI, Host header, and HTTP/1.1 control data). An attacker who controls these inputs (e.g., via a user-supplied URL in a webhook or URL fetch endpoint)...

CVE-2026-43969

CVE-2026-43969 affects the Erlang/Elixir cowlib project (cow_cookie:cookie/1). The encoder builds a client-side Cookie header from name-value pairs without validating characters, allowing an attacker-controlled cookie name or value to inject CR, LF, semicolon, comma, or TAB. This enables cookie s...

CVE-2026-42257 net-imap: Command Injection via "raw" arguments to multiple commands

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled...

Exploit for Missing Authentication for Critical Function in Cpanel

cpanel-pwn cPanel/WHM security testing toolkit. Implements th...

HTTP Request Smuggling

Overview io.netty:netty-codec-http is a network application framework for rapid development of maintainable high performance protocol servers & clients. Affected versions of this package are vulnerable to HTTP Request Smuggling in the setUri function. An attacker can inject arbitrary CRLF sequenc...