Common Weakness Enumeration

CWE-436

Allowed-with-Review

Interpretation Conflict

Abstraction: Class · Status: Incomplete

Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.

199 vulnerabilities reference this CWE, most recent first.

CVE-2026-59882 (GCVE-0-2026-59882)

Vulnerability from cvelistv5 – Published: 2026-07-08 15:50 – Updated: 2026-07-08 17:00
VLAI
Title
guzzlehttp/psr7: Host Confusion via Weak URI Host Validation
Summary
guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.3, Uri::assertValidHost() does not reject URI host components containing authority delimiters, embedded ports, or malformed IPv6 brackets, allowing Uri::getHost() to disagree with the URI authority used for security or routing decisions. This issue is fixed in version 2.12.3.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-436 - Interpretation Conflict
Assigner
Impacted products
Vendor Product Version
guzzle psr7 Affected: < 2.12.3
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-59882",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-08T16:50:26.023312Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-08T17:00:22.945Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "psr7",
          "vendor": "guzzle",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.12.3"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "guzzlehttp/psr7 is a PSR-7 HTTP message library implementation in PHP. Prior to 2.12.3, Uri::assertValidHost() does not reject URI host components containing authority delimiters, embedded ports, or malformed IPv6 brackets, allowing Uri::getHost() to disagree with the URI authority used for security or routing decisions. This issue is fixed in version 2.12.3."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-08T15:50:03.077Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/guzzle/psr7/security/advisories/GHSA-c2w2-prh8-qm98",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/guzzle/psr7/security/advisories/GHSA-c2w2-prh8-qm98"
        },
        {
          "name": "https://github.com/guzzle/psr7/pull/811",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/guzzle/psr7/pull/811"
        },
        {
          "name": "https://github.com/guzzle/psr7/commit/ddd64f17d4cc1f7e5ffe6fd2c989ec7221712580",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/guzzle/psr7/commit/ddd64f17d4cc1f7e5ffe6fd2c989ec7221712580"
        },
        {
          "name": "https://github.com/guzzle/psr7/releases/tag/2.12.3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/guzzle/psr7/releases/tag/2.12.3"
        }
      ],
      "source": {
        "advisory": "GHSA-c2w2-prh8-qm98",
        "discovery": "UNKNOWN"
      },
      "title": "guzzlehttp/psr7: Host Confusion via Weak URI Host Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-59882",
    "datePublished": "2026-07-08T15:50:03.077Z",
    "dateReserved": "2026-07-07T16:40:07.982Z",
    "dateUpdated": "2026-07-08T17:00:22.945Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-56669 (GCVE-0-2026-56669)

Vulnerability from cvelistv5 – Published: 2026-07-08 20:25 – Updated: 2026-07-10 15:02
VLAI
Title
Elysia: Inefficient Algorithmic Complexity and Interpretation Conflict
Summary
Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to 1.4.29, Elysia uses getAll in form data normalization for multipart/form-data endpoints, causing the amount of work to grow quadratically with the number of unique key-value pairs and allowing CPU exhaustion. This issue is fixed in version 1.4.29.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-407 - Inefficient Algorithmic Complexity
  • CWE-436 - Interpretation Conflict
Assigner
Impacted products
Vendor Product Version
elysiajs elysia Affected: < 1.4.29
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-56669",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T15:01:58.719561Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-10T15:02:07.512Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "elysia",
          "vendor": "elysiajs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.4.29"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation, and client-server communication. Prior to 1.4.29, Elysia uses getAll in form data normalization for multipart/form-data endpoints, causing the amount of work to grow quadratically with the number of unique key-value pairs and allowing CPU exhaustion. This issue is fixed in version 1.4.29."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "CWE-407: Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-08T20:25:18.200Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/elysiajs/elysia/security/advisories/GHSA-9643-4qgh-g8mx",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/elysiajs/elysia/security/advisories/GHSA-9643-4qgh-g8mx"
        },
        {
          "name": "https://github.com/elysiajs/elysia/commit/8358ff9efbcedf9534995f5977f26b9ceab59329",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/elysiajs/elysia/commit/8358ff9efbcedf9534995f5977f26b9ceab59329"
        },
        {
          "name": "https://gist.github.com/jviide/ea040eabe7bac058326174e2cd42dfd9",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gist.github.com/jviide/ea040eabe7bac058326174e2cd42dfd9"
        },
        {
          "name": "https://github.com/elysiajs/elysia/releases/tag/1.4.29",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/elysiajs/elysia/releases/tag/1.4.29"
        }
      ],
      "source": {
        "advisory": "GHSA-9643-4qgh-g8mx",
        "discovery": "UNKNOWN"
      },
      "title": "Elysia: Inefficient Algorithmic Complexity and Interpretation Conflict"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-56669",
    "datePublished": "2026-07-08T20:25:18.200Z",
    "dateReserved": "2026-06-22T16:39:01.043Z",
    "dateUpdated": "2026-07-10T15:02:07.512Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-56329 (GCVE-0-2026-56329)

Vulnerability from cvelistv5 – Published: 2026-07-10 13:57 – Updated: 2026-07-10 15:45
VLAI
Title
Capgo - Cross-Tenant Preview Namespace Collision via Non-Bijective Underscore Decoding
Summary
Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants' dotted app IDs, causing preview misrouting and denial of preview access for victim applications.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-436 - Interpretation Conflict
Assigner
References
Impacted products
Vendor Product Version
Capgo Capgo Affected: 0 , < 12.128.2 (semver)
Unaffected: 12.128.2 (semver)
Create a notification for this product.
Date Public
2026-05-07 00:00
Credits
Judel777
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-56329",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-10T15:45:10.865078Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-10T15:45:22.401Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/Cap-go/capgo/security/advisories/GHSA-76qq-gg2p-pwwj"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Capgo",
          "vendor": "Capgo",
          "versions": [
            {
              "lessThan": "12.128.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "12.128.2",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Judel777"
        }
      ],
      "datePublic": "2026-05-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants\u0027 dotted app IDs, causing preview misrouting and denial of preview access for victim applications."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-10T13:57:56.297Z",
        "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
        "shortName": "VulnCheck"
      },
      "references": [
        {
          "name": "GitHub Security Advisory (GHSA-76qq-gg2p-pwwj)",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://github.com/Cap-go/capgo/security/advisories/GHSA-76qq-gg2p-pwwj"
        },
        {
          "name": "VulnCheck Advisory: Capgo - Cross-Tenant Preview Namespace Collision via Non-Bijective Underscore Decoding",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://www.vulncheck.com/advisories/capgo-cross-tenant-preview-namespace-collision-via-non-bijective-underscore-decoding"
        }
      ],
      "title": "Capgo - Cross-Tenant Preview Namespace Collision via Non-Bijective Underscore Decoding",
      "x_generator": {
        "engine": "vulncheck-endgame"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10",
    "assignerShortName": "VulnCheck",
    "cveId": "CVE-2026-56329",
    "datePublished": "2026-07-10T13:57:56.297Z",
    "dateReserved": "2026-06-20T13:06:29.994Z",
    "dateUpdated": "2026-07-10T15:45:22.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-53655 (GCVE-0-2026-53655)

Vulnerability from cvelistv5 – Published: 2026-06-22 14:55 – Updated: 2026-06-23 16:09
VLAI
Title
node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)
Summary
node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header's size= record (and other PAX overrides) to the next header entry of any type, including intermediary metadata headers such as a GNU long-name (L) or long-link (K) entry. Per POSIX pax, a PAX extended header (x) describes the next file entry, not the intermediary extension headers that may sit between the x header and the file it annotates. Because node-tar lets the PAX size override the byte length of an intervening L/K/x header, an attacker can desynchronize node-tar's stream cursor relative to every other mainstream tar implementation (GNU tar, libarchive/bsdtar, Python tarfile, and the now-fixed tar-rs / astral-tokio-tar). The result is a tar parser interpretation differential (CWE-436): a single crafted archive yields a different set of members under node-tar than under the reference tar tools. An attacker can use this to hide a member from one parser while it is visible to another, which defeats security tooling whose scanner and extractor disagree on archive contents (e.g. a malware/secret scanner that lists entries with one library while a downstream step extracts with another) This vulnerability is fixed in 7.5.16.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-436 - Interpretation Conflict
Assigner
References
Impacted products
Vendor Product Version
isaacs node-tar Affected: < 7.5.16
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-53655",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-23T14:15:18.405283Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-23T16:09:06.835Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-vmf3-w455-68vh"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "node-tar",
          "vendor": "isaacs",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 7.5.16"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "node-tar is a full-featured Tar for Node.js. Prior to 7.5.16, tar (node-tar) applies a PAX extended header\u0027s size= record (and other PAX overrides) to the next header entry of any type, including intermediary metadata headers such as a GNU long-name (L) or long-link (K) entry. Per POSIX pax, a PAX extended header (x) describes the next file entry, not the intermediary extension headers that may sit between the x header and the file it annotates. Because node-tar lets the PAX size override the byte length of an intervening L/K/x header, an attacker can desynchronize node-tar\u0027s stream cursor relative to every other mainstream tar implementation (GNU tar, libarchive/bsdtar, Python tarfile, and the now-fixed tar-rs / astral-tokio-tar). The result is a tar parser interpretation differential (CWE-436): a single crafted archive yields a different set of members under node-tar than under the reference tar tools. An attacker can use this to hide a member from one parser while it is visible to another, which defeats security tooling whose scanner and extractor disagree on archive contents (e.g. a malware/secret scanner that lists entries with one library while a downstream step extracts with another) This vulnerability is fixed in 7.5.16."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-22T14:55:50.133Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/isaacs/node-tar/security/advisories/GHSA-vmf3-w455-68vh",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-vmf3-w455-68vh"
        }
      ],
      "source": {
        "advisory": "GHSA-vmf3-w455-68vh",
        "discovery": "UNKNOWN"
      },
      "title": "node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-53655",
    "datePublished": "2026-06-22T14:55:50.133Z",
    "dateReserved": "2026-06-09T20:50:36.876Z",
    "dateUpdated": "2026-06-23T16:09:06.835Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-53538 (GCVE-0-2026-53538)

Vulnerability from cvelistv5 – Published: 2026-06-22 16:56 – Updated: 2026-06-23 16:08
VLAI
Title
Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling
Summary
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to &. The WHATWG URL standard, modern browsers, and Python's urllib.parse (since the CVE-2021-23336 fix) treat only & as a separator. This creates a parser differential: the same bytes are tokenized into different fields than a WHATWG compliant intermediary would produce, allowing an attacker to smuggle extra form fields past an upstream body inspecting component. This vulnerability is fixed in 0.0.30.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-436 - Interpretation Conflict
  • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Assigner
References
Impacted products
Vendor Product Version
Kludex python-multipart Affected: < 0.0.30
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-53538",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-23T14:49:11.715345Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-23T16:08:22.050Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "python-multipart",
          "vendor": "Kludex",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.0.30"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, QuerystringParser treated ; as a field separator in application/x-www-form-urlencoded bodies, in addition to \u0026. The WHATWG URL standard, modern browsers, and Python\u0027s urllib.parse (since the CVE-2021-23336 fix) treat only \u0026 as a separator. This creates a parser differential: the same bytes are tokenized into different fields than a WHATWG compliant intermediary would produce, allowing an attacker to smuggle extra form fields past an upstream body inspecting component. This vulnerability is fixed in 0.0.30."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-444",
              "description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-22T16:56:32.628Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-6jv3-5f52-599m",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-6jv3-5f52-599m"
        }
      ],
      "source": {
        "advisory": "GHSA-6jv3-5f52-599m",
        "discovery": "UNKNOWN"
      },
      "title": "Python-Multipart: Semicolon treated as querystring field separator enables parameter smuggling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-53538",
    "datePublished": "2026-06-22T16:56:32.628Z",
    "dateReserved": "2026-06-09T18:13:07.263Z",
    "dateUpdated": "2026-06-23T16:08:22.050Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-53537 (GCVE-0-2026-53537)

Vulnerability from cvelistv5 – Published: 2026-06-22 16:57 – Updated: 2026-06-23 16:08
VLAI
Title
Python-Multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters
Summary
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax (filename*=charset'lang'value, name*=..., and the filename*0/filename*1 continuation form) is decoded and surfaced under the bare filename/name key, and overrides the plain parameter when both are present. RFC 7578 §4.2 explicitly forbids the filename* form in multipart/form-data. Components that follow RFC 7578, or that do not implement RFC 2231/5987 decoding for multipart/form-data (WAFs, proxies, gateways), may interpret such a header differently. An attacker can exploit that difference to smuggle a different field name or filename past an upstream inspector to the backend. This vulnerability is fixed in 0.0.30.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-20 - Improper Input Validation
  • CWE-436 - Interpretation Conflict
Assigner
References
Impacted products
Vendor Product Version
Kludex python-multipart Affected: < 0.0.30
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-53537",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-23T16:03:15.384645Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-23T16:08:07.690Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "python-multipart",
          "vendor": "Kludex",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.0.30"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parse_options_header parsed Content-Disposition (and Content-Type) headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax (filename*=charset\u0027lang\u0027value, name*=..., and the filename*0/filename*1 continuation form) is decoded and surfaced under the bare filename/name key, and overrides the plain parameter when both are present. RFC 7578 \u00a74.2 explicitly forbids the filename* form in multipart/form-data. Components that follow RFC 7578, or that do not implement RFC 2231/5987 decoding for multipart/form-data (WAFs, proxies, gateways), may interpret such a header differently. An attacker can exploit that difference to smuggle a different field name or filename past an upstream inspector to the backend. This vulnerability is fixed in 0.0.30."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-22T16:57:21.496Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-vffw-93wf-4j4q",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-vffw-93wf-4j4q"
        }
      ],
      "source": {
        "advisory": "GHSA-vffw-93wf-4j4q",
        "discovery": "UNKNOWN"
      },
      "title": "Python-Multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-53537",
    "datePublished": "2026-06-22T16:57:21.496Z",
    "dateReserved": "2026-06-09T18:13:07.262Z",
    "dateUpdated": "2026-06-23T16:08:07.690Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-48788 (GCVE-0-2026-48788)

Vulnerability from cvelistv5 – Published: 2026-06-16 22:29 – Updated: 2026-06-17 13:20
VLAI
Title
Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing
Summary
Remark42 is a self-hosted comment engine for blogs, articles, or any other place where readers can add comments. Versions 1.6.0 through 1.15.0 contain a Cross-Site Scripting (XSS) vulnerability exploitable through content-type spoofing. The Remark42 image proxy fetches an arbitrary remote URL and re-serves the response from Remark42's own origin. During the download phase, the proxy determines whether the resource is an image by inspecting only the Content-Type header advertised by the remote server, never examining the actual bytes; during the serving phase, it instead derives the response Content-Type by sniffing those bytes with http.DetectContentType. An attacker can exploit this inconsistency by hosting a URL that advertises Content-Type: image/png while returning an HTML/JavaScript body: the download check accepts it as an image, the serving path sniffs the body and emits Content-Type: text/html, and the browser renders the attacker-controlled HTML/JavaScript as a document within Remark42's origin. Exploitation requires no Remark42 account on the target instance; the attacker only needs to host the malicious upstream URL and deliver the proxy link to a victim by any means, such as email, direct message, or a link on another website. This issue has been fixed in version 1.16.0.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CWE-436 - Interpretation Conflict
Assigner
Impacted products
Vendor Product Version
umputun remark42 Affected: >= 1.6.0, < 1.16.0
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-48788",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-17T13:19:50.596883Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-17T13:20:11.543Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/umputun/remark42/security/advisories/GHSA-4c8j-mgm4-qqvp"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "remark42",
          "vendor": "umputun",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 1.6.0, \u003c 1.16.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Remark42 is a self-hosted comment engine for blogs, articles, or any other place where readers can add comments. Versions 1.6.0 through 1.15.0 contain a Cross-Site Scripting (XSS) vulnerability exploitable through content-type spoofing. The Remark42 image proxy fetches an arbitrary remote URL and re-serves the response from Remark42\u0027s own origin. During the download phase, the proxy determines whether the resource is an image by inspecting only the Content-Type header advertised by the remote server, never examining the actual bytes; during the serving phase, it instead derives the response Content-Type by sniffing those bytes with http.DetectContentType. An attacker can exploit this inconsistency by hosting a URL that advertises Content-Type: image/png while returning an HTML/JavaScript body: the download check accepts it as an image, the serving path sniffs the body and emits Content-Type: text/html, and the browser renders the attacker-controlled HTML/JavaScript as a document within Remark42\u0027s origin. Exploitation requires no Remark42 account on the target instance; the attacker only needs to host the malicious upstream URL and deliver the proxy link to a victim by any means, such as email, direct message, or a link on another website. This issue has been fixed in version 1.16.0."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-16T22:29:38.877Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/umputun/remark42/security/advisories/GHSA-4c8j-mgm4-qqvp",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/umputun/remark42/security/advisories/GHSA-4c8j-mgm4-qqvp"
        },
        {
          "name": "https://github.com/umputun/remark42/commit/78d6de6bce1e961f023969da3ec8a00dd80c9ae8",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/umputun/remark42/commit/78d6de6bce1e961f023969da3ec8a00dd80c9ae8"
        },
        {
          "name": "https://github.com/umputun/remark42/releases/tag/v1.16.0",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/umputun/remark42/releases/tag/v1.16.0"
        }
      ],
      "source": {
        "advisory": "GHSA-4c8j-mgm4-qqvp",
        "discovery": "UNKNOWN"
      },
      "title": "Remark42: Cross-Site Scripting (XSS) on /api/v1/img via content-type spoofing"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-48788",
    "datePublished": "2026-06-16T22:29:38.877Z",
    "dateReserved": "2026-05-22T20:18:20.365Z",
    "dateUpdated": "2026-06-17T13:20:11.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-47767 (GCVE-0-2026-47767)

Vulnerability from cvelistv5 – Published: 2026-07-14 18:38 – Updated: 2026-07-14 18:38
VLAI
Title
Symfony: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch
Summary
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 5.4.46 until 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the CVE-2024-50340 fix gated runtime argv parsing on empty($_GET), but parse_str() and the web SAPI can disagree, allowing a crafted query string to leave $_GET empty while $_SERVER['argv'] still carries attacker-controlled --env or --no-debug flags that change APP_ENV or APP_DEBUG. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12.
CWE
  • CWE-436 - Interpretation Conflict
Assigner
Impacted products
Vendor Product Version
symfony symfony Affected: >= 5.4.46, < 5.4.52
Affected: >= 6.4.14, < 6.4.40
Affected: >= 7.1.7, < 7.4.12
Affected: >= 8.0.0-BETA1, < 8.0.12
Create a notification for this product.
symfony runtime Affected: >= 5.4.46, < 5.4.52
Affected: >= 6.4.14, < 6.4.40
Affected: >= 7.1.7, < 7.4.12
Affected: >= 8.0.0-BETA1, < 8.0.12
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "cna": {
      "affected": [
        {
          "product": "symfony",
          "vendor": "symfony",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.4.46, \u003c 5.4.52"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.4.14, \u003c 6.4.40"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.1.7, \u003c 7.4.12"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0-BETA1, \u003c 8.0.12"
            }
          ]
        },
        {
          "product": "runtime",
          "vendor": "symfony",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 5.4.46, \u003c 5.4.52"
            },
            {
              "status": "affected",
              "version": "\u003e= 6.4.14, \u003c 6.4.40"
            },
            {
              "status": "affected",
              "version": "\u003e= 7.1.7, \u003c 7.4.12"
            },
            {
              "status": "affected",
              "version": "\u003e= 8.0.0-BETA1, \u003c 8.0.12"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Symfony is a PHP framework for web and console applications and a set of reusable PHP components. From 5.4.46 until 5.4.52, 6.4.40, 7.4.12, and 8.0.12, the CVE-2024-50340 fix gated runtime argv parsing on empty($_GET), but parse_str() and the web SAPI can disagree, allowing a crafted query string to leave $_GET empty while $_SERVER[\u0027argv\u0027] still carries attacker-controlled --env or --no-debug flags that change APP_ENV or APP_DEBUG. This issue is fixed in versions 5.4.52, 6.4.40, 7.4.12, and 8.0.12."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436: Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-14T18:38:36.513Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/symfony/symfony/security/advisories/GHSA-fqc7-9xjw-jrh3",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/symfony/symfony/security/advisories/GHSA-fqc7-9xjw-jrh3"
        },
        {
          "name": "https://github.com/symfony/symfony/commit/3228c3806ee511008bea19a95084d460b17e5d25",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/commit/3228c3806ee511008bea19a95084d460b17e5d25"
        },
        {
          "name": "https://github.com/symfony/symfony/releases/tag/v5.4.52",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/releases/tag/v5.4.52"
        },
        {
          "name": "https://github.com/symfony/symfony/releases/tag/v6.4.40",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/releases/tag/v6.4.40"
        },
        {
          "name": "https://github.com/symfony/symfony/releases/tag/v7.4.12",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/releases/tag/v7.4.12"
        },
        {
          "name": "https://github.com/symfony/symfony/releases/tag/v8.0.12",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/symfony/symfony/releases/tag/v8.0.12"
        }
      ],
      "source": {
        "advisory": "GHSA-fqc7-9xjw-jrh3",
        "discovery": "UNKNOWN"
      },
      "title": "Symfony: SymfonyRuntime CVE-2024-50340 Patch Bypass: Web Requests Can Still Set APP_ENV/APP_DEBUG via parse_str/SAPI Argv Mismatch"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-47767",
    "datePublished": "2026-07-14T18:38:36.513Z",
    "dateReserved": "2026-05-19T22:36:16.882Z",
    "dateUpdated": "2026-07-14T18:38:36.513Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-47344 (GCVE-0-2026-47344)

Vulnerability from cvelistv5 – Published: 2026-06-08 19:03 – Updated: 2026-06-08 19:50
VLAI
Title
TYPO3 HTML Sanitizer allows Cross-Site Scripting
Summary
When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., </style\t>) are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
  • CWE-436 - Interpretation Conflict
Assigner
Impacted products
Vendor Product Version
TYPO3 HTML Sanitizer Affected: 0 , < 2.3.2 (semver)
Create a notification for this product.
Date Public
2026-06-08 20:00
Credits
IPC Labs Oliver Hader
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-47344",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-08T19:50:27.408977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-08T19:50:47.479Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://packagist.org",
          "defaultStatus": "unaffected",
          "packageName": "typo3/html-sanitizer",
          "product": "HTML Sanitizer",
          "repo": "https://github.com/TYPO3/html-sanitizer",
          "vendor": "TYPO3",
          "versions": [
            {
              "lessThan": "2.3.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:typo3:html_sanitizer:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "2.3.2",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ],
          "operator": "AND"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "IPC Labs"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Oliver Hader"
        }
      ],
      "datePublic": "2026-06-08T20:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "When \u003ccode\u003eALLOW_INSECURE_RAW_TEXT\u003c/code\u003e is enabled, whitespace-variant closing tags (e.g., \u003ccode\u003e\u0026lt;/style\\t\u0026gt;\u003c/code\u003e) are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of \u003ccode\u003etypo3/html-sanitizer\u003c/code\u003e before version 2.3.2."
            }
          ],
          "value": "When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., \u003c/style\\t\u003e) are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 2.1,
            "baseSeverity": "LOW",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "PASSIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436 Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-08T19:03:19.826Z",
        "orgId": "f4fb688c-4412-4426-b4b8-421ecf27b14a",
        "shortName": "TYPO3"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://typo3.org/security/advisory/typo3-core-sa-2026-006"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/TYPO3/html-sanitizer/commit/bd1a88d9b5a5f67f1120ec41084e9c1a0675641c"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "TYPO3 HTML Sanitizer allows Cross-Site Scripting",
      "x_generator": {
        "engine": "Vulnogram 1.0.1"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f4fb688c-4412-4426-b4b8-421ecf27b14a",
    "assignerShortName": "TYPO3",
    "cveId": "CVE-2026-47344",
    "datePublished": "2026-06-08T19:03:19.826Z",
    "dateReserved": "2026-05-19T12:49:25.966Z",
    "dateUpdated": "2026-06-08T19:50:47.479Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-47076 (GCVE-0-2026-47076)

Vulnerability from cvelistv5 – Published: 2026-05-25 14:00 – Updated: 2026-05-27 15:41
VLAI
Title
SSRF allowlist bypass via percent-encoded host in hackney
Summary
Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery. hackney_url:normalize/2 URL-decodes the host component after the URL has been parsed into a #hackney_url{} record. OTP's uri_string:parse/1 and inet:parse_address/1 do not decode percent-escapes in the host, so a URL such as http://%31%32%37%2E%30%2E%30%2E%31/ is seen by a caller's allowlist validator with host %31%32%37%2E%30%2E%30%2E%31 (not an IP address), which passes the allowlist check. hackney's normalizer then decodes the host to 127.0.0.1 and opens a TCP connection to loopback. Because hackney:request/5 always calls hackney_url:normalize/2 with no opt-out, every request that takes a binary or list URL is affected. The same technique reaches cloud instance metadata services (169.254.169.254), RFC1918 networks, and any admin interface listening on localhost. This issue affects hackney: from 0.13.0 before 4.0.1.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-436 - Interpretation Conflict
  • CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
EEF
Impacted products
Vendor Product Version
benoitc hackney Affected: 0.13.0 , < 4.0.1 (semver)
    cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*
Create a notification for this product.
benoitc hackney Affected: 4d725507588942fd00efca15b86da3273656510a , < 452620a92ec1da2e6b4862a049a2a4f04b42068f (git)
    cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*
Create a notification for this product.
Credits
Ganbagana Benoit Chesneau Jonatan Männchen / EEF
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-47076",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-26T15:46:49.956392Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-26T15:46:52.424Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/benoitc/hackney/security/advisories/GHSA-pj7v-xfvx-wmjq"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://repo.hex.pm",
          "cpes": [
            "cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "modules": [
            "hackney_url"
          ],
          "packageName": "hackney",
          "packageURL": "pkg:hex/hackney",
          "product": "hackney",
          "programFiles": [
            "src/hackney_url.erl"
          ],
          "programRoutines": [
            {
              "name": "hackney_url:normalize/2"
            }
          ],
          "repo": "https://github.com/benoitc/hackney",
          "vendor": "benoitc",
          "versions": [
            {
              "lessThan": "4.0.1",
              "status": "affected",
              "version": "0.13.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://github.com",
          "cpes": [
            "cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "modules": [
            "hackney_url"
          ],
          "packageName": "benoitc/hackney",
          "packageURL": "pkg:github/benoitc/hackney",
          "product": "hackney",
          "programFiles": [
            "src/hackney_url.erl"
          ],
          "programRoutines": [
            {
              "name": "hackney_url:normalize/2"
            }
          ],
          "repo": "https://github.com/benoitc/hackney",
          "vendor": "benoitc",
          "versions": [
            {
              "lessThan": "452620a92ec1da2e6b4862a049a2a4f04b42068f",
              "status": "affected",
              "version": "4d725507588942fd00efca15b86da3273656510a",
              "versionType": "git"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:benoitc:hackney:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.0.1",
                  "versionStartIncluding": "0.13.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "AND"
            }
          ],
          "operator": "AND"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Ganbagana"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Benoit Chesneau"
        },
        {
          "lang": "en",
          "type": "analyst",
          "value": "Jonatan M\u00e4nnchen / EEF"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery.\u003cp\u003e\u003ctt\u003ehackney_url:normalize/2\u003c/tt\u003e URL-decodes the host component after the URL has been parsed into a \u003ctt\u003e#hackney_url{}\u003c/tt\u003e record. OTP\u0027s \u003ctt\u003euri_string:parse/1\u003c/tt\u003e and \u003ctt\u003einet:parse_address/1\u003c/tt\u003e do not decode percent-escapes in the host, so a URL such as \u003ctt\u003ehttp://%31%32%37%2E%30%2E%30%2E%31/\u003c/tt\u003e is seen by a caller\u0027s allowlist validator with host \u003ctt\u003e%31%32%37%2E%30%2E%30%2E%31\u003c/tt\u003e (not an IP address), which passes the allowlist check. hackney\u0027s normalizer then decodes the host to \u003ctt\u003e127.0.0.1\u003c/tt\u003e and opens a TCP connection to loopback. Because \u003ctt\u003ehackney:request/5\u003c/tt\u003e always calls \u003ctt\u003ehackney_url:normalize/2\u003c/tt\u003e with no opt-out, every request that takes a binary or list URL is affected. The same technique reaches cloud instance metadata services (169.254.169.254), RFC1918 networks, and any admin interface listening on localhost.\u003c/p\u003e\u003cp\u003eThis issue affects hackney: from 0.13.0 before 4.0.1.\u003c/p\u003e"
            }
          ],
          "value": "Interpretation Conflict vulnerability in benoitc hackney allows Server Side Request Forgery. hackney_url:normalize/2 URL-decodes the host component after the URL has been parsed into a #hackney_url{} record. OTP\u0027s uri_string:parse/1 and inet:parse_address/1 do not decode percent-escapes in the host, so a URL such as http://%31%32%37%2E%30%2E%30%2E%31/ is seen by a caller\u0027s allowlist validator with host %31%32%37%2E%30%2E%30%2E%31 (not an IP address), which passes the allowlist check. hackney\u0027s normalizer then decodes the host to 127.0.0.1 and opens a TCP connection to loopback. Because hackney:request/5 always calls hackney_url:normalize/2 with no opt-out, every request that takes a binary or list URL is affected. The same technique reaches cloud instance metadata services (169.254.169.254), RFC1918 networks, and any admin interface listening on localhost.\n\nThis issue affects hackney: from 0.13.0 before 4.0.1."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-664",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-664 Server Side Request Forgery"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-436",
              "description": "CWE-436 Interpretation Conflict",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-918",
              "description": "CWE-918 Server-Side Request Forgery (SSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T15:41:17.845Z",
        "orgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
        "shortName": "EEF"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "related"
          ],
          "url": "https://github.com/benoitc/hackney/security/advisories/GHSA-pj7v-xfvx-wmjq"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://cna.erlef.org/cves/CVE-2026-47076.html"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://osv.dev/vulnerability/EEF-CVE-2026-47076"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/benoitc/hackney/commit/452620a92ec1da2e6b4862a049a2a4f04b42068f"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "SSRF allowlist bypass via percent-encoded host in hackney",
      "x_generator": {
        "engine": "cvelib 1.8.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6b3ad84c-e1a6-4bf7-a703-f496b71e49db",
    "assignerShortName": "EEF",
    "cveId": "CVE-2026-47076",
    "datePublished": "2026-05-25T14:00:46.707Z",
    "dateReserved": "2026-05-18T17:28:10.319Z",
    "dateUpdated": "2026-05-27T15:41:17.845Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

No mitigation information available for this CWE.

CAPEC-105: HTTP Request Splitting

An adversary abuses the flexibility and discrepancies in the parsing and interpretation of HTTP Request messages by different intermediary HTTP agents (e.g., load balancer, reverse proxy, web caching proxies, application firewalls, etc.) to split a single HTTP request into multiple unauthorized and malicious HTTP requests to a back-end HTTP agent (e.g., web server).

See CanPrecede relationships for possible consequences.

CAPEC-273: HTTP Response Smuggling

An adversary manipulates and injects malicious content in the form of secret unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent (e.g., server).

See CanPrecede relationships for possible consequences.

CAPEC-34: HTTP Response Splitting

An adversary manipulates and injects malicious content, in the form of secret unauthorized HTTP responses, into a single HTTP response from a vulnerable or compromised back-end HTTP agent (e.g., web server) or into an already spoofed HTTP response from an adversary controlled domain/site.

See CanPrecede relationships for possible consequences.