CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added yesterday•17 views

CVE-2026-55603

CVE-2026-55603 affects http-proxy-middleware (Node.js). In versions 3.0.4–3.0.7 and 4.1.1, fixRequestBody() rebuilds multipart/form-data by interpolating req.body into the wire format without neutralizing CR/LF. This can let an attacker inject a new multipart part (via unescaped CRLF in keys/valu...

7.5CVSS5.9AI score

Cvelist•added yesterday•19 views

CVE-2026-55603 http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`

7.5CVSS

NVD•added yesterday•7 views

CVE-2026-55602

http-proxy-middleware is node.js http-proxy middleware. From 0.16.0 until 2.0.10, 3.0.6, and 4.1.0, http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request...

6.9CVSS

ATTACKERKB•added yesterday•3 views

CVE-2026-55602

CVE•added yesterday•18 views

CVE-2026-55602

CVE-2026-55602 affects http-proxy-middleware where host+path router keys use unanchored substring matching, enabling Host header-based routing bypass. From 0.16.0 through 2.0.10, 3.0.6, and 4.1.0 only, a crafted Host header that forms a superstring with a configured host+path key can route to an ...

Cvelist•added yesterday•28 views

CVE-2026-55602 http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

6.9CVSS

Snyk•added 5 days ago•5 views

CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via the fixRequestBody function. An attacker can inject or override multipart form fields, potentially bypassing gateway-side validation or access controls, by supplying crafted input containing carriage return and line...

7.5CVSS5.9AI score

Patchstack•added 5 days ago•3 views

NPM: http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in `fixRequestBody`

NPM: http-proxy-middleware: multipart/form-data field injection via unescaped CRLF in fixRequestBody vulnerability discovered by ? in WordPress Npm http-proxy-middleware versions = 3.0.4, 3.0.7...

7.5CVSS5.8AI score

Github Security Blog•added 5 days ago•12 views

http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

Summary http-proxy-middleware documents router proxy-table entries as host, path, or host+path selectors, but the host+path implementation uses unanchored substring matching on attacker-controlled request metadata. As a result, a crafted Host header that is only a superstring match for a configur...

6.9CVSS5.6AI score

OSV•added 5 days ago•2 views

GHSA-64MM-VXMG-Q3VJ http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

6.9CVSS5.6AI score

Snyk•added 5 days ago•5 views

Partial String Comparison

Overview Affected versions of this package are vulnerable to Partial String Comparison via the router component. An attacker can route requests to unintended backend servers by sending crafted HTTP requests with manipulated Host headers. Remediation Upgrade http-proxy-middleware to version 2.0.10...

Patchstack•added 5 days ago•3 views

NPM: http-proxy-middleware `router` host+path substring matching allows Host-header-driven backend routing bypass

NPM: http-proxy-middleware router host+path substring matching allows Host-header-driven backend routing bypass vulnerability discovered by ? in WordPress Npm http-proxy-middleware versions = 0.16.0, 3.0.6...

6.9CVSS5.8AI score

Positive Technologies•added 5 days ago•11 views

PT-2026-50734

Name of the Vulnerable Software and Affected Versions http-proxy-middleware versions 0.16.0 through 2.0.9 http-proxy-middleware versions 3.0.0 through 3.0.5 http-proxy-middleware versions 4.0.0 through 4.0.9 Description An issue exists in the router proxy-table implementation where host+path...

Circl•added 6 days ago•6 views

Exploits0References4

CVE-2026-55603

creationtimestamp| type| source ---|---|--- 2026-06-17 17:17:39+00:00| published-proof-of-concept| https://github.com/chimurai/http-proxy-middleware/security/advisories/GHSA-gcq2-9pq2-cxqm 2026-06-23 09:03:07+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mox25jonrk2t...

7.5CVSS5.8AI score

Circl•added 6 days ago•6 views

CVE-2026-55602

creationtimestamp| type| source ---|---|--- 2026-06-17 17:17:28+00:00| published-proof-of-concept| https://github.com/chimurai/http-proxy-middleware/security/advisories/GHSA-64mm-vxmg-q3vj...

6.9CVSS5AI score

RedhatCVE•added 2026/06/05 7:39 p.m.•8 views

CVE-2026-7223

A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of the component AI Proxy Middleware. Such manipulation of the argument baseurl leads to server-side request...

7.5CVSS6.8AI score0.00278EPSS

OSV•added 2026/06/04 7:48 p.m.•7 views

ROOT-APP-NPM-CVE-2024-21536 CVE-2024-21536 in @rootio/http-proxy-middleware - Patched by Root

Root has patched CVE-2024-21536 in the @rootio/http-proxy-middleware package for Root:npm. Multiple fixed versions available...

7.5CVSS5.8AI score0.01009EPSS

Exploits1

NVD•added 2026/05/29 7:16 p.m.•9 views

CVE-2026-44652

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0, corsProxyMiddleware forwards req.params.url directly into fetchurl, .... It only blocks circular...

6.9CVSS0.00375EPSS

Vulnrichment•added 2026/05/29 5:43 p.m.•11 views

CVE-2026-44652 SillyTavern: SSRF vulnerability in the CORS proxy middleware

6.9CVSS5.8AI score0.00375EPSS