CVE-2026-52761
Affected software: ModSecurity WAF for Apache/IIS/Nginx. A vulnerability in the t:utf8toUnicode transformation (src/actions/transformations/utf8_to_unicode.cc) in 3.0.0–3.0.15, where snprintf uses sizeof on a char pointer instead of the unicode buffer length on i386, can allow bypassing rules tha...