Product
The undici library, when using `Socks5ProxyAgent`, is vulnerable to cross-origin request routing if a single connection pool is reused across different origins, potentially misdirecting requests and credentials, trusting responses from the wrong origin, and silently downgrading HTTPS requests to HTTP (CVE-2026-6734).