CVE-2026-30852 | caddyserver caddy up to 2.11.1 Request Header repl.ReplaceAll information disclosure

Inserito da Angelo Barbosa | Mar 7, 2026 | CVE

A vulnerability was found in caddyserver caddy up to 2.11.1. It has been classified as problematic. The impacted element is the function repl.ReplaceAll of the component Request Header Handler. The manipulation leads to information disclosure.

This vulnerability is uniquely identified as CVE-2026-30852. The attack is possible to be carried out remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-30852 | caddyserver caddy up to 2.11.1 Request Header repl.ReplaceAll information disclosure

Post correlati

CVE-2025-39838 | Linux Kernel up to 6.1.150/6.6.104/6.12.45/6.16.5/6.17-rc4 cifs __cifs_sfu_make_node null pointer dereference

CVE-2025-7436 | Campcodes Online Recruitment Management System 1.0 ajax.php?action=delete_vacancy ID sql injection

CVE-2024-55642 | Linux Kernel up to 6.12.5 disk_zone_wplug_set_error deadlock

CVE-2024-2825 | lakernote EasyAdmin up to 20240315 saveReportFile file path traversal (I98ZTA)