114 matches found
CVE-2026-35210 OpenCTI: Authorization Bypass via `synchronized-upsert` HTTP Header Injection
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 7.260326.0, an authorization bypass vulnerability in OpenCTI allows any authenticated user with KNOWLEDGEKNUPDATE permission to bypass Confidence Level validation and Object Marking...
CVE-2026-49097 Apache Camel: Camel-IRC: The irc.sendTo (and other irc.*) Exchange header constants used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to redirect outgoing IRC messages to arbitrary channels or users
Improper Input Validation, Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability in Apache Camel IRC component. The camel-irc producer chooses the destination of an outgoing IRC message from the irc.sendTo Exchange header the constant...
CVE-2026-48205
Summary: CVE-2026-48205 describes an SSRF vulnerability in the Apache Camel DNS component where DNS operation headers can be supplied via non-Camel header names (dns.server, dns.name, dns.domain, dns.type, dns.class, term) because the HTTP header filter is insufficient. This allows an unauthentic...
CVE-2026-48204 Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configuration
Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...
EUVD-2026-41839
Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...
CVE-2026-48204 Apache Camel: Camel-MongoDB-GridFS: The gridfs.* control headers used non-Camel-prefixed names that bypass the HTTP header filter, allowing an HTTP client to switch the GridFS operation - including destructive file deletion - in the default configuration
Improper Input Validation, Improper Access Control vulnerability in Apache Camel in Camel Mongodb Gridfs component. The camel-mongodb-gridfs producer selects the GridFS operation to perform from the gridfs.operation Exchange header when the endpoint's operation parameter is not set - which is the...
CVE-2026-46453
Technical details for CVE-2026-46453 are not publicly available in the provided documents. No affected products, versions, impact, or fixes are enumerated here. Monitor official advisories for updates.
CVE-2026-43966
Improper Neutralization of CRLF Sequences in HTTP Headers 'HTTP Request/Response Splitting' vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields string values. cowhttpstructhd:escapestring/2 in cowlib only escapes \ and ", passing all other byt...
CVE-2026-22618
A security misconfiguration was identified in Eaton Intelligent Power Protector IPP, where an HTTP response header was set with an insecure attribute, potentially exposing users to web‑based attacks. This security issue has been fixed in the latest version of Eaton IPP software which is available...
CVE-2026-42249
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These...
PYSEC-0000-CVE-2026-44546
daphne before 4.2.2 reconstructs a raw HTTP request from Twisted's parsed headers and feeds it to autobahn for WebSocket handshake processing. Twisted does not treat \x0b, \x0c, \x1c, \x1d, \x1e, or \x85 as header line separators, but autobahn decodes header values to str and calls splitlines. An...
cpython: wsgiref.headers.Headers allows header newline injection in Python
Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers...
python: Python: HTTP header injection via CR/LF in proxy tunnel headers
A flaw was found in Python. This vulnerability allows for the injection of extra information into HTTP communication. Specifically, the system does not properly prevent special characters carriage return and line feed from being included in HTTP client proxy tunnel headers or host fields...
Lexmark Printers Improper Input Validation (CVE-2010-0101)
The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service operating system halt via a malformed HTTP Authorization header. This plugin...
SUSE-SU-2026:1745-1 Security update for rmt-server
This update for rmt-server fixes the following issues: Update to version 2.27. Security issues fixed: - CVE-2026-26961: rack: greedy multipart boundary parsing can lead to parser differentials and WAF bypass bsc1261398. - CVE-2026-26962: rack: improper unfolding of folded multipart headers can le...
Linux Distros Unpatched Vulnerability : CVE-2026-43870
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Improper Neutralization of CRLF Sequences in HTTP Headers...
vulnerability-research
Vulnerability Research & Responsible Disclosure Shivam Paji...
CVE-2026-42249
CVE-2026-42249 affects Ollama for Windows and is a remote code execution in the update mechanism caused by improper handling of attacker-controlled HTTP response headers. Update file paths are built from header-derived values and passed to filepath.Join, enabling path traversal (../) and writing ...
cpython: wsgiref.headers.Headers allows header newline injection in Python
Missing newline filtering has been discovered in Python. User-controlled header names and values containing newlines can allow injecting HTTP headers...
EUVD-2026-23177
A security misconfiguration was identified in Eaton Intelligent Power Protector IPP, where an HTTP response header was set with an insecure attribute, potentially exposing users to web‑based attacks. This security issue has been fixed in the latest version of Eaton IPP software which is available...