Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

NVD
NVDadded 2025/06/26 3:15 p.m.4 views

CVE-2025-53007

arduino-esp32 provides an Arduino core for the ESP32. Versions prior to 3.3.0-RC1 and 3.2.1 contain a HTTP Response Splitting vulnerability. The sendHeader function takes arbitrary input for the HTTP header name and value, concatenates them into an HTTP header line, and appends this to the outgoi...

9.3CVSS0.00413EPSS
Exploits0References4
OSV
OSVadded 2025/06/26 2:45 p.m.3 views

CVE-2025-53007 arduino-esp32 vulnerable to CRLF injection in WebServer.cpp

arduino-esp32 provides an Arduino core for the ESP32. Versions prior to 3.3.0-RC1 and 3.2.1 contain a HTTP Response Splitting vulnerability. The sendHeader function takes arbitrary input for the HTTP header name and value, concatenates them into an HTTP header line, and appends this to the outgoi...

9.3CVSS6.9AI score0.00413EPSS
Exploits0References6
CVE
CVEadded 2025/06/26 2:45 p.m.14 views

CVE-2025-53007

Arduino-ESP32 (Arduino core for ESP32) prior to 3.3.0-RC1 and 3.2.1 is affected by an HTTP Response Splitting vulnerability in WebServer.cpp: the sendHeader function accepts unvalidated header name/value, enabling CRLF injection to add headers or disrupt the HTTP response. Impact can include head...

9.3CVSS7.2AI score0.00413EPSS
Exploits0References4
Rows per page
Query Builder