CVE ID :CVE-2026-54387 Published : June 17, 2026, 7:48 p.m. | 1 hour, 20 minutes ago Description :Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using...

#Sicherheitslücke #Update

Original-Artikel öffnen Zurück zur Übersicht

ARTICLEVIEW

CVE-2026-54387 - Tinyproxy - HTTP Request Smuggling via CL/TE Desynchronization

VERWANDTEARTIKEL

CVE-2026-12530 - Improper neutralization of argument delimiters in AWS Bedrock AgentCore Python SDK install_packages()

CVE-2026-11407 - Pimcore CMS 12.3.8 Twig Sandbox Bypass via SecurityPolicy checkMethodAllowed

CVE-2026-50107 - NGINX Gateway Fabric vulnerability

CVE-2026-54388 - Tinyproxy - HTTP Request Smuggling via Duplicate Content-Length Headers

CVE-2026-55202 - Tinyproxy - Stathost Detection Bypass via Host Header Manipulation

CVE-2026-55200 - libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c