CVE-2026-53538

CVE-2026-53538 affects python-multipart, a streaming multipart parser for Python. Prior to 0.0.30, the QuerystringParser treated ";" as a field separator in application/x-www-form-urlencoded bodies in addition to "&", creating a parsing differential against WHATWG/urllib.parse behavior that only ...

CVE-2026-53538 Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only...

python-multipart: Semicolon treated as querystring field separator enables parameter smuggling

Summary QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse since the CVE-2021-23336 fix treat only & as a separator. This creates a parser differential: the same bytes...

CVE-2026-49756 Multipart form-data header injection in Req via unescaped name/filename/content_type

Improper Neutralization of CRLF Sequences 'CRLF Injection' vulnerability in wojtekmach Req allows multipart parameter smuggling via attacker-influenced part metadata. Req.Utils.encodeformpart/2 in lib/req/utils.ex builds the per-part headers by interpolating the caller-supplied name, filename, an...

CVE-2026-49756

CVE-2026-49756 describes a CRLF injection in Req.Utils.encode_form_part/2 of the Elixir Req library. User-controlled name, filename, or content_type are interpolated into Content-Disposition and Content-Type without escaping, allowing CRLFs to terminate header lines and add smuggled parts. This e...

GHSA-36HH-X5P5-JGC8 @hapi/content header parser has a parameter smuggling issue that allows upload-filter bypass via duplicate parameters

Impact The two parsers resolved duplicates inconsistently and silently: - Content.disposition retained the last occurrence of each parameter. - Content.type retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling primitive when another component in the...

@hapi/content header parser has a parameter smuggling issue that allows upload-filter bypass via duplicate parameters

Impact The two parsers resolved duplicates inconsistently and silently: - Content.disposition retained the last occurrence of each parameter. - Content.type retained the first occurrence of charset and boundary. Either behavior creates a parameter-smuggling primitive when another component in the...

Ruby Rack 3.x < 3.1.21 / 3.2.x < 3.2.6 Multiple Vulnerabilities

The version of the Rack Ruby library installed on the remote host is 3.0.0.beta1 or later but prior to 3.1.21, or is 3.2.0 or later but prior to 3.2.6. It is, therefore, affected by multiple vulnerabilities: - Rack::Multipart::Parserhandlemimehead parses quoted multipart parameters using repeated...

CVE-2026-32762

A flaw was found in Rack, a modular Ruby web server interface. This vulnerability arises from improper parsing of the RFC 7239 Forwarded header, where semicolons within quoted values are incorrectly interpreted as delimiters. An attacker can exploit this by crafting a malicious Forwarded header,...

Rack 安全漏洞

Rack is a modular Ruby web server interface developed by Rack authors. There were security vulnerabilities in versions of Rack from 3.0.0.beta1 to 3.1.21, as well as in versions from 3.2.0 to 3.2.6. These vulnerabilities stemmed from improper parsing of forwarded headers, which could lead to...

CVE-2026-32939

DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses String.toUpperCase without specifying an explicit Locale, causing its security...

Security Bulletin: Vulnerabilities in MongoDB, Python, Node.js, Golang Go, Linux kernel affect IBM Spectrum Protect Plus

Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in MongoDB, Python, Node.js, Golang Go and Linux. Vulnerabilities include obtaining sensitive information, causing a denial of service condition, the elevation of privileges, query parameter smuggling, remote execution of...

Unity Linux 20.1070e Security Update: golang (UTSA-2025-986182)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986182 advisory. Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparsable parameters rejected by net/http. This could permit...

EUVD-2022-35112

Malicious code in bioql PyPI...

TencentOS Server 3: grafana (TSSA-2023:0097)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0097 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

OESA-2025-1056 podman security update

Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of...

OESA-2025-1053 podman security update

Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of...

Security Bulletin: Vulnerabilities in Golang Go affect watsonx.data

Summary Golang Go has multiple vulnerabilities that include HTTP injection, remote attacks to conduct query parameter smuggling, remote attackd to bypass security restrictions, and denial of service attacks. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2022-32189 DESCRIPTION:...

golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters

A flaw was found in the golang package, where requests forwarded by reverse proxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This issue could permit query parameter smuggling when a Go proxy forwards a parameter with an...

GHSA-F42M-MVFV-CGW5 mlflow vulnerable to Path Traversal

A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...