
7304 matches found

Nuclei
added 9 hours ago | 358 views

Qlik Sense Enterprise - HTTP Request Smuggling

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

CVSS 9.9 | AI score 7.4 | EPSS 0.84967
Exploits: 0 | References: 5
RedhatCVE
added yesterday | 8 views

CVE-2026-38969

A flaw was found in WEBrick, a Ruby web server toolkit. This vulnerability allows a remote attacker to perform request smuggling by manipulating the Content-Length header in HTTP/1.1 requests. WEBrick incorrectly re-parses the trailer Content-Length, leading to a desynchronization between the pro...

CVSS 6.5 | AI score 5.9 | EPSS 0.00162
Exploits: 0 | References: 6
RedHat Linux
added 2 days ago | 4 views

io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values

A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass...

CVSS 7.5 | AI score 6.6 | EPSS 0.0064
Exploits: 1 | References: 8
RedHat Linux
added 2 days ago | 5 views

netty-codec-http: Netty is vulnerable to request smuggling due to incorrect parsing of chunk extensions

A flaw in Netty’s HTTP/1.1 chunked encoding parser allows newline LF characters in chunk extensions to be incorrectly treated as the end of the chunk-size line instead of requiring the proper CRLF sequence. This discrepancy can be exploited in rare cases where a reverse proxy interprets the same...

CVSS 7.5 | AI score 6.6 | EPSS 0.00631
Exploits: 1 | References: 11
CVE
added 2 days ago | 7 views

CVE-2026-38969

WEBrick (Ruby) up to v1.9.2 reparses trailer Content-Length into canonical request state, enabling request smuggling. Affected component: WEBrick until 1.9.2. Impact: potential manipulation of request semantics as described in CVE-2026-38969. No remediation details provided in the documents; moni...

AI score 5.8 | EPSS 0.00162
Exploits: 0 | References: 2
NVD
added 4 days ago | 6 views

CVE-2026-11541

IBM WebSphere Application Server 9.0, and 8.5 and IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability...

CVSS 9.8 | EPSS 0.00418
Exploits: 0 | References: 1
CVE
added 4 days ago | 13 views

CVE-2026-11541

IBM WebSphere Application Server 9.0, 8.5 and IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.6 are affected by an HTTP request smuggling vulnerability tracked as CVE-2026-11541. The available connected sources consistently identify the affected products and the vulnerability cla...

CVSS 9.8 | AI score 5.8 | EPSS 0.00418
Exploits: 0 | References: 1 | Affected Software: 1
IBM Security Bulletins
added 5 days ago | 4 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty, which are bundled IBM WebSphere Remote Server, are affected by HTTP request smuggling (CVE-2026-11541)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server and WebSphere Application Server Liberty has been published in a security bulletin...

CVSS 9.8 | AI score 5.8 | EPSS 0.00418
Exploits: 0 | Affected Software: 1
OSV
added 5 days ago | 5 views

PYSEC-2026-348 h11 accepts some malformed Chunked-Encoding bodies

Impact A leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. Details HTTP/1.1 Chunked-Encoding bodies are formatted as a sequence of "chunks", each of which consists of: - chunk length - \r\n - leng...

CVSS 9.1 | AI score 5.8 | EPSS 0.00522
Exploits: 0 | References: 6
Nuclei
added 6 days ago | 158 views

SAP Memory Pipes (MPI) Desynchronization

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This...

CVSS 10 | AI score 7.7 | EPSS 0.97945
Exploits: 8 | References: 5
OSV
added 6 days ago | 3 views

DEBIAN-CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

CVSS 6.3 | AI score 5.8 | EPSS 0.00202
Exploits: 0 | References: 1
NVD
added 6 days ago | 9 views

CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

CVSS 6.3 | EPSS 0.00202
Exploits: 0 | References: 3
Debian CVE
added 6 days ago | 4 views

CVE-2026-58055

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

CVSS 6.3 | AI score 5.8 | EPSS 0.00202
Exploits: 0
Cvelist
added 6 days ago | 33 views

CVE-2026-58055 nghttp2 nghttpx - HTTP Request/Response Smuggling via Upgrade Request with Content-Length

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

CVSS 6.3 | EPSS 0.00202
Exploits: 0 | References: 3
EUVD
added 6 days ago | 9 views

EUVD-2026-39975

nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend connections, re-adding the Upgrade and Connection headers while passing Content-Length verbatim. A backend that resolves the resulting...

CVSS 6.3 | AI score 5.8 | EPSS 0.00202
Exploits: 0 | References: 3
CVE
added 6 days ago | 64 views

CVE-2026-58055

nghttp2 nghttpx (up to version 1.69.0) is affected. The proxy forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body to reusable keep-alive backend connections, re-adding Upgrade and Connection headers while passing Content-Length verbatim. This creates an ambiguo...

CVSS 6.3 | AI score 5.8 | EPSS 0.00202
Exploits: 0 | References: 3 | Affected Software: 1
Tenable Nessus
added 6 days ago | 6 views

Linux Distros Unpatched Vulnerability : CVE-2026-58055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nghttp2's nghttpx proxy through 1.69.0 forwards an HTTP/1.1 Upgrade request that also carries a Content-Length header and body onto reusable keep-alive backend...

CVSS 6.3 | AI score 5.8 | EPSS 0.00202
Exploits: 0 | References: 3
EUVD
added 2026/06/26 9:59 p.m. | 13 views

EUVD-2026-31690

Hackney has CRLF / header injection in WebSocket upgrade request...

CVSS 7.5 | AI score 5.8 | EPSS 0.00506
Exploits: 1 | References: 5
EUVD
added 2026/06/26 8:55 p.m. | 11 views

EUVD-2026-37798

PHP Standard Library: HTTP/2 server-side missing content-length validation enables request smuggling...

CVSS 7.5 | AI score 5.8 | EPSS 0.00267
Exploits: 0 | References: 4
CVE
added 2026/06/26 5:34 p.m. | 16 views

CVE-2026-48743

Envoy (open source edge/service proxy) contains a HTTP/3 to HTTP/1 request smuggling vulnerability prior to versions 1.35.11, 1.36.7, 1.37.3, and 1.38.1. A downstream HTTP/3 request that is complete at the transport layer with a nonzero Content-Length can be mistranslated into a complete upstream...

CVSS 7.5 | AI score 5.8 | EPSS 0.00298
Exploits: 1 | References: 1 | Affected Software: 1