CVE-2026-48998 guzzlehttp/psr7 has Host Confusion via Authority Reinterpretation

guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Versions prior to 2.10.2 contain improper Host header validation when parsing raw HTTP request messages and when deriving a server request URI from server variables. An attacker can provide a malformed Host header containing U...

Klaw 授权问题漏洞

Klaw is an open-source operating system tool developed by Aiven Open. Versions of Klaw prior to 2.10.2 had an authorization issue vulnerability. This vulnerability stemmed from improper access control, which could allow unauthorized users to trigger the reset or deletion of metadata for any tenan...

HexChat-GNOME Man-in-the-Middle Attack Vulnerability

HexChat formerly known as XChat-WDK, XChat and XChat-GNOME are all IRC a form of instant chat over the Internet communication programs. Versions of XChat,XChat-GNOME prior to HexChat 2.10.2 suffer from a man-in-the-middle attack vulnerability, which allows a man-in-the-middle attacker to spoof SS...