CVE-2026-24853 | Caido up to 0.54.x Service Port 8080 X-Forwarded-Host authentication spoofing (GHSA-3q5q-p8vj-8783)

Inserito da Angelo Barbosa | Feb 14, 2026 | CVE

A vulnerability marked as critical has been reported in Caido up to 0.54.x. Affected is an unknown function of the component Service Port 8080. Performing a manipulation of the argument X-Forwarded-Host results in authentication bypass by spoofing.

This vulnerability was named CVE-2026-24853. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.

CVE-2026-24853 | Caido up to 0.54.x Service Port 8080 X-Forwarded-Host authentication spoofing (GHSA-3q5q-p8vj-8783)

Post correlati

CVE-2025-14709 | Shiguangwu sgwbox N3 2.0.25 WIRELESSCFGGET Interface http_eshell_server params buffer overflow

CVE-2024-40953 | Linux Kernel up to 6.1.95/6.6.35/6.9.6 kvm_vcpu_on_spin out-of-bounds

CVE-2025-7209 | 9fans plan9port up to 9da5b44 src/libsec/port/x509.c value_decode null pointer dereference (Issue 711)

CVE-2024-8147 | code-projects Pharmacy Management System 1.0 index.php id sql injection