Lucene search
K

121679 matches found

Vulnrichment
Vulnrichment
added 2026/03/27 7:54 p.m.3 views

CVE-2026-33870 Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fi...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/03/27 7:54 p.m.8 views

CVE-2026-33870

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fi...

7.5CVSS8.2AI score0.0064EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:54 p.m.6 views

CVE-2026-33870

Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fi...

7.5CVSS5.9AI score0.0064EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/27 7:54 p.m.535 views

CVE-2026-33870

Netty HTTP request smuggling vulnerability (CVE-2026-33870) arises from how Netty versions prior to 4.1.132.Final and 4.2.10.Final parse quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. The IBM and OSS/Ecosystem advisories in the connected...

7.5CVSS5.8AI score0.0064EPSS
Exploits1References22Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:52 p.m.2 views

CVE-2026-4974

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS6.5AI score0.00632EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/27 7:52 p.m.1 views

CVE-2026-4974 Tenda AC7 POST Request SetSysTimeCfg fromSetSysTime memory corruption

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.8AI score0.00632EPSS
Exploits1References5
CVE
CVE
added 2026/03/27 7:52 p.m.9 views

CVE-2026-4974

CVE-2026-4974 affects Tenda AC7 firmware version 15.03.06.44. The vulnerability is in the function fromSetSysTime of /goform/SetSysTimeCfg in the POST Request Handler, where manipulating the Time argument can cause a stack-based buffer overflow. This enables remote code execution over the network...

9CVSS7.8AI score0.00632EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/27 7:23 p.m.3 views

CVE-2026-31945

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/03/27 7:23 p.m.21 views

CVE-2026-31945 LibreChat Server-Side Request Forgery using DNS resolution

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS0.00249EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 7:23 p.m.7 views

CVE-2026-31945 LibreChat Server-Side Request Forgery using DNS resolution

LibreChat is a ChatGPT clone with additional features. Versions 0.8.2-rc2 through 0.8.2 are vulnerable to a server-side request forgery SSRF attack when using agent actions or MCP. Although a previous SSRF vulnerability...

7.7CVSS5.9AI score0.00249EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/27 7:21 p.m.4 views

EUVD-2026-16764

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...

8.5CVSS5.9AI score0.00213EPSS
Exploits1References1
OSV
OSV
added 2026/03/27 7:21 p.m.6 views

CVE-2026-31943 LibreChat has SSRF protection bypass via IPv4-mapped IPv6 normalization in isPrivateIP

LibreChat is a ChatGPT clone with additional features. Prior to version 0.8.3, isPrivateIP in packages/api/src/auth/domain.ts fails to detect IPv4-mapped IPv6 addresses in their hex-normalized form, allowing any authenticated user to bypass SSRF protection and make the server issue HTTP requests ...

8.5CVSS5.9AI score0.00213EPSS
Exploits1References3
Snyk
Snyk
added 2026/03/27 7:17 p.m.3 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the processing of deprecated workflow commands in untrusted input. An attacker can inject arbitrary environment variables or modify the...

9.8CVSS6AI score0.00619EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/27 6:31 p.m.5 views

EUVD-2026-16723

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS7.9AI score0.00773EPSS
Exploits1References6
OSV
OSV
added 2026/03/27 6:31 p.m.4 views

GHSA-3GV6-G396-9V4R Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

8.7CVSS5.8AI score0.00706EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/03/27 6:31 p.m.6 views

Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending \r\r\r as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer,...

9.1CVSS5.8AI score0.00706EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/27 6:31 p.m.7 views

Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks,...

9.1CVSS5.9AI score0.00704EPSS
Exploits0References6Affected Software1
Github Security Blog
Github Security Blog
added 2026/03/27 6:31 p.m.7 views

Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

9.1CVSS5.9AI score0.00677EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/03/27 6:31 p.m.3 views

GHSA-8V4X-MGVP-P658 Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. This vulnerability allows a remote attacker to construct specially crafted requests where header names are parsed differently by Undertow compared to upstream proxies. This discrepancy in header interpretation can be exploited to launch request smuggling attacks,...

8.7CVSS5.9AI score0.00704EPSS
Exploits0References6
OSV
OSV
added 2026/03/27 6:31 p.m.3 views

GHSA-VQQJ-9CMV-HX43 Undertow is Vulnerable to HTTP Request/Response Smuggling

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

8.7CVSS5.9AI score0.00677EPSS
Exploits0References6
Rows per page
Query Builder