CVE ID :CVE-2026-54388 Published : June 17, 2026, 7:59 p.m. | 1 hour, 10 minutes ago Description :Tinyproxy through 1.11.3, fixed in commit 364cdb6, fails to reject requests containing multiple Content-Length headers with differing values, forwarding all duplicate headers to the backend while...

#Sicherheitslücke #Update

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-54388 - Tinyproxy - HTTP Request Smuggling via Duplicate Content-Length Headers

VERWANDTEARTIKEL

CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

CVE-2026-11407 - Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

CVE-2026-50107 - NGINX Gateway Fabric vulnerability

CVE-2026-54387 - Tinyproxy - HTTP Request Smuggling via CL/TE Desynchronization

CVE-2026-55202 - Tinyproxy - Stathost Detection Bypass via Host Header Manipulation

CVE-2026-55200 - libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c