CVE-2026-48856
- EPSS 0.34%
- Veröffentlicht 10.06.2026 14:41:51
- Zuletzt bearbeitet 15.06.2026 18:23:43
Sensitive Data Exposure vulnerability in Erlang OTP inets (httpc_response module) allows Retrieve Embedded Sensitive Data. The httpc client forwards the Authorization and Proxy-Authorization request headers to redirect targets without checking wheth...
CVE-2026-48858
- EPSS 0.23%
- Veröffentlicht 10.06.2026 14:35:45
- Zuletzt bearbeitet 11.06.2026 19:27:00
Server-Side Request Forgery (SSRF) vulnerability in Erlang/OTP ftp (ftp_internal module) allows FTP bounce attacks and SSRF via an unvalidated PASV response IP address. The ftp_internal:handle_ctrl_result/2 PASV handler (mode=passive, ipfamily=inet,...
CVE-2026-23941
- EPSS 0.53%
- Veröffentlicht 13.03.2026 09:11:58
- Zuletzt bearbeitet 21.05.2026 15:22:43
Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in Erlang OTP (inets httpd module) allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/http_server/httpd_request.erl a...