Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2026/05/05 11:17 a.m.7 views

CVE-2026-6994

A flaw was found in Envoy. A remote attacker could exploit a weakness in the Query Parameter Handler component, specifically within the params.add function. This vulnerability allows for injection, which may lead to limited impacts on the confidentiality, integrity, and availability of the affect...

6.5CVSS5.8AI score0.00056EPSS
Exploits0References8
NVD
NVDadded 2026/04/25 7:16 p.m.2 views

CVE-2026-6994

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/headermutation/headermutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch...

6.5CVSS0.00056EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/25 7:0 p.m.2 views

CVE-2026-6994

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/headermutation/headermutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch...

6.5CVSS6.2AI score0.00056EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/04/25 7:0 p.m.2 views

CVE-2026-6994 Envoy Query Parameter header_mutation.cc params.add injection

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/headermutation/headermutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch...

6.5CVSS5.2AI score0.00056EPSS
Exploits0References5
CVE
CVEadded 2026/04/25 7:0 p.m.6 views

CVE-2026-6994

Envoy up to 1.33.0 contains a vulnerability in the header_mutation.cc component (header_mutation, function params.add) that enables injection due to input manipulation. The issue is exploitable remotely, per the description. A patch (commit f8f4f1e02fdc64ecd4acf2d903208dd7285ad3a4) is available a...

6.5CVSS6.3AI score0.00056EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/04/25 7:0 p.m.26 views

CVE-2026-6994 Envoy Query Parameter header_mutation.cc params.add injection

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/headermutation/headermutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch...

6.5CVSS0.00056EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/03/04 12:0 a.m.1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005561)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005561 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Add error handling to pairdevice hciconnparamsadd never checks for a NULL value...

5.5CVSS6.8AI score0.00019EPSS
Exploits0References3
Rows per page
Query Builder