Product

Llhttp

1 brief RSS

CVE-2025-23167 Node.js HTTP Request Smuggling via llhttp

CVE-2025-23167 describes a request smuggling vulnerability in Node.js 20's HTTP parser due to improper header termination, allowing attackers to bypass proxy access controls.

Node.js +1 cve request smuggling nodejs http

2r 1t 1c 1m ago