request smuggling

WebSphere Remote Code Execution Defended with New IBM Security Fixes

• Vulnerability Report

WebSphere Remote Code Execution Defended with New IBM Security Fixes

Do Son May 30, 2026 0

IBM has issued an urgent security bulletin regarding its flagship application server software. Specifically, researchers discovered a...

Read More Read more about WebSphere Remote Code Execution Defended with New IBM Security Fixes

Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat

• Vulnerability Report

Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat

Do Son April 13, 2026 0

Apache Tomcat, the open-source backbone for millions of Java-based web applications, has been hit by a wave...

Read More Read more about Encryption Bypasses and Kubernetes Token Leaks Hit Apache Tomcat

CVE-2026-40175 (CVSS 10): Critical Axios Vulnerability and Exploit Code Disclosed Publicly

• Vulnerability Report

CVE-2026-40175 (CVSS 10): Critical Axios Vulnerability and Exploit Code Disclosed Publicly

Do Son April 12, 2026 0

A critical security vulnerability in Axios, the ubiquitous promise-based HTTP client for Node.js and the browser, has...

Read More Read more about CVE-2026-40175 (CVSS 10): Critical Axios Vulnerability and Exploit Code Disclosed Publicly

Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws

• Vulnerability Report

Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws

Do Son April 3, 2026 0

Apache Traffic Server, the high-performance web proxy cache responsible for keeping the modern web fast, is facing...

Read More Read more about Apache Traffic Server Patches “Double-Header” DoS and Request Smuggling Flaws

Aiohttp Patches Seven Vulnerabilities Including High-Severity DoS Risks

• Vulnerability Report

Aiohttp Patches Seven Vulnerabilities Including High-Severity DoS Risks

Do Son January 6, 2026 0

Maintainers of aiohttp, the popular asynchronous HTTP client/server framework for Python, have released a sweeping security update...

Read More Read more about Aiohttp Patches Seven Vulnerabilities Including High-Severity DoS Risks

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE

• Vulnerability Report

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE

Do Son September 10, 2025 0

The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting three serious flaws in the Hiawatha...

Read More Read more about Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE

Varnish Vulnerability Exposes Cache to HTTP Request Smuggling

• Vulnerability

Varnish Vulnerability Exposes Cache to HTTP Request Smuggling

Do Son May 14, 2025 0

Varnish Software has disclosed a client-side desynchronization vulnerability, tracked as CVE-2025-47905, in both Varnish Cache and Varnish...

Read More Read more about Varnish Vulnerability Exposes Cache to HTTP Request Smuggling

CVE-2025-43859: Request Smuggling Vulnerability in Python’s h11 HTTP Library

• Vulnerability

CVE-2025-43859: Request Smuggling Vulnerability in Python’s h11 HTTP Library

Do Son April 27, 2025 0

A critical vulnerability tracked as CVE-2025-43859 has been disclosed in h11, a minimalist, I/O-agnostic HTTP/1.1 protocol library...

Read More Read more about CVE-2025-43859: Request Smuggling Vulnerability in Python’s h11 HTTP Library