GHSA-P88M-4JFJ-68FV undici vulnerable to HTTP header injection via Set-Cookie percent-decoding

Impact undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...

CVE-2026-9679

Impact: undici's cookie parser in parseSetCookie percent-decodes cookie values via qsUnescape, turning encoded sequences like %0D%0A, %00, %3B, and %3D into their literal byte equivalents. RFC 6265 §5.4 does not specify any decoding and browsers do not decode either. Applications that parse a...

python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters

Summary parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=..., and the filename0/filename1 continuation form is decoded and surfaced...

SUSE CVE-2026-45372

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check isfieldvalue is run before decoding, so encode...

UBUNTU-CVE-2026-45372

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check isfieldvalue is run before decoding, so encode...

EUVD-2026-33427

cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header value except Location and Referer. The validity check isfieldvalue is run before decoding, so encode...

CVE-2026-45372

In cpp-httplib, prior to version 0.44.0, the server-side header parsing in parse_header applies percent-decoding to header values (except Location and Referer) after validating the pre-decoded string. The validity check (is_field_value) runs before decoding, allowing an encoded %0D%0A to bypass c...

CVE-2026-43861

mutt before 2.3.2 does not check for '\0' in urlpctdecode...

CVE-2026-43861

CVE-2026-43861 affects mutt up to version 2.3.1, where the url_pct_decode function does not check for a '\0' terminator. This could allow malformed URLs to bypass validation. The CVSSv3.1 base score is 3.7 (LOW); attack vector: NETWORK, complexity: HIGH, privileges: NONE, user interaction: NONE. ...

PT-2026-36774

Name of the Vulnerable Software and Affected Versions mutt versions prior to 2.3.2 Description The software fails to check for the null character '0' within the url pct decode function. Recommendations Update to version 2.3.2 or later...

CVE-2026-28807

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...

EUVD-2026-10907

Wisp Vulnerable to Path Traversal...

CVE-2026-28807

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...

CVE-2026-28807 Path Traversal in wisp.serve_static allows arbitrary file read

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...

EEF-CVE-2026-28807 Path Traversal in wisp.serve_static allows arbitrary file read

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal. The wisp.servestatic function is vulnerable to path traversal because sanitization runs before percent-decoding. The encoded...