Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/06/11 5:18 p.m.25 views

CVE-2026-47157 aiograpi: Unsafe signup challenge path handling

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

6.5CVSS0.00195EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/06/11 5:18 p.m.10 views

CVE-2026-47157 aiograpi: Unsafe signup challenge path handling

aiograpi is an asynchronous Instagram API for Python. aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. If an attacker can influence a challenge response, for...

6.5CVSS5.4AI score0.00195EPSS
Exploits0References4
CVE
CVE
added 2026/06/11 5:18 p.m.22 views

CVE-2026-47157

aiograpi (Python) before 0.9.10 accepted server-supplied signup challenge paths and built request URLs before validating that the paths were relative Instagram API paths. An attacker who can influence a challenge response (e.g., on a local network, via DNS, or via a proxy) could cause challenge h...

6.5CVSS5.4AI score0.00195EPSS
Exploits0References4
OSV
OSV
added 2026/05/23 12:12 a.m.5 views

GHSA-GGXF-37HM-9WQF instagrapi: Unsafe signup challenge path handling in instagrapi

instagrapi versions before 2.6.9 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. A malicious or tampered challenge payload could cause challenge handling requests to be sent outside the intende...

6.5CVSS5.8AI score
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/23 12:11 a.m.16 views

aiograpi: Unsafe signup challenge path handling

aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. A malicious or tampered challenge payload could cause challenge handling requests to be sent outside the intended...

6.5CVSS5.8AI score0.00195EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/05/23 12:11 a.m.5 views

GHSA-JH37-X3FV-4X72 aiograpi: Unsafe signup challenge path handling

aiograpi versions before 0.9.10 accepted server-supplied signup challenge paths and used them to build request URLs before validating that the paths were relative Instagram API paths. A malicious or tampered challenge payload could cause challenge handling requests to be sent outside the intended...

6.5CVSS5.8AI score0.00195EPSS
Exploits0References6
Rows per page
Query Builder