CVE-2026-55603 | chimurai http-proxy-middleware up to 3.0.6/4.1.0 Upstream Backend fixRequestBody crlf injection (GHSA-gcq2-9pq2-cxqm)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability labeled as critical has been found in chimurai http-proxy-middleware up to 3.0.6/4.1.0. The impacted element is the function fixRequestBody of the component Upstream Backend. Such manipulation leads to crlf injection.

This vulnerability is referenced as CVE-2026-55603. It is possible to launch the attack remotely. No exploit is available.

The affected component should be upgraded.

CVE-2026-55603 | chimurai http-proxy-middleware up to 3.0.6/4.1.0 Upstream Backend fixRequestBody crlf injection (GHSA-gcq2-9pq2-cxqm)

Post correlati

CVE-2024-48855 | BlackBerry QNX Software Development Platform 7.0/7.1/8.0 TIFF Image Codec out-of-bounds

CVE-2026-26133 | Microsoft M365 Copilot information disclosure

CVE-2025-0208 | code-projects Online Shoe Store 1.0 /summary.php tid sql injection

CVE-2025-0949 | itsourcecode Tailoring Management System 1.0 partview.php typeid sql injection