Tag
critical
threat
CVE-2026-1502 HTTP Client Proxy Tunnel Headers CR/LF Injection Vulnerability
2 rules 1 TTP 1 CVECVE-2026-1502 is a critical vulnerability in Microsoft HTTP client proxy tunnel header validation, potentially allowing for CR/LF injection attacks.
crlf-injection
http-request-smuggling
proxy-vulnerability
cve
2r
1t
1c
critical
advisory
Fastify Proxy Header Stripping Vulnerability
2 rules 2 TTPsThe `@fastify/reply-from` and `@fastify/http-proxy` libraries process the client's `Connection` header after adding headers, allowing attackers to strip proxy-added headers via the `Connection` header, leading to potential bypass of security controls.
fastify
header stripping
proxy vulnerability
2r
2t