EUVD-2026-26714
Bandit trusts client-supplied URI scheme on plaintext connections...
CVE-2026-39807
Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determine_scheme/2 in lib/bandit/pipeline.ex returns the client-supplied URI scheme verbatim, ignoring the...
PT-2026-36542
Name of the Vulnerable Software and Affected Versions: bandit versions 1.0.0 through 1.10.f Description: Reliance on untrusted inputs in a security decision allows unauthenticated transport-state spoofing on plaintext HTTP connections. The function determine_scheme/2 in Elixir.Bandit.Pipeline retur...
PT-2022-24800 · Immudb · Immudb
Name of the Vulnerable Software and Affected Versions: immudb versions prior to 1.4.1 Description: immudb is a database with built-in cryptographic proof and verification. immudb client SDKs use the server's UUID to distinguish between different server instances, allowing the client to connect to...