CVE-2026-41417 | Netty up to 4.1.132.Final/4.2.12.Final HTTP Request setUri crlf injection (GHSA-v8h7-rr48-vmmv)

Inserito da Angelo Barbosa | Mag 7, 2026 | CVE

A vulnerability was found in Netty up to 4.1.132.Final/4.2.12.Final. It has been classified as problematic. This affects the function setUri of the component HTTP Request Handler. Performing a manipulation results in crlf injection.

This vulnerability is reported as CVE-2026-41417. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-41417 | Netty up to 4.1.132.Final/4.2.12.Final HTTP Request setUri crlf injection (GHSA-v8h7-rr48-vmmv)

Post correlati

CVE-2025-1544 | dingfanzu CMS up to 20250210 /ajax/loadShopInfo.php shopId sql injection

CVE-2026-7094 | ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78 puppeteer_navigate src/puppeteer/index.ts url server-side request forgery

CVE-2024-10681 | reputeinfosystems ARMember Plugin up to 4.0.51 on WordPress Shortcode do_shortcode code injection

CVE-2024-43566 | Microsoft Edge up to 129.0.2792.52 integer overflow