TL;DR Three critical Tinyproxy request smuggling vulnerabilities threaten network security. These flaws allow attackers to inject arbitrary...
request smuggling
IBM has issued an urgent security bulletin regarding its flagship application server software. Specifically, researchers discovered a...
Apache Tomcat, the open-source backbone for millions of Java-based web applications, has been hit by a wave...
A critical security vulnerability in Axios, the ubiquitous promise-based HTTP client for Node.js and the browser, has...
Apache Traffic Server, the high-performance web proxy cache responsible for keeping the modern web fast, is facing...
Maintainers of aiohttp, the popular asynchronous HTTP client/server framework for Python, have released a sweeping security update...
The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting three serious flaws in the Hiawatha...
Varnish Software has disclosed a client-side desynchronization vulnerability, tracked as CVE-2025-47905, in both Varnish Cache and Varnish...
A critical vulnerability tracked as CVE-2025-43859 has been disclosed in h11, a minimalist, I/O-agnostic HTTP/1.1 protocol library...