CVE-2026-31908 | Apache APISIX up to 3.15.0 Forward Auth Plugin injection

Inserito da Angelo Barbosa | Apr 14, 2026 | CVE

A vulnerability marked as critical has been reported in Apache APISIX up to 3.15.0. Affected by this vulnerability is an unknown functionality of the component Forward Auth Plugin. Performing a manipulation results in injection.

This vulnerability is identified as CVE-2026-31908. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.

CVE-2026-31908 | Apache APISIX up to 3.15.0 Forward Auth Plugin injection

Post correlati

CVE-2026-24593 | Strategy11 AWP Classifieds Plugin up to 4.4.3 on WordPress exposure of sensitive system information to an unauthorized control sphere

CVE-2024-7225 | SourceCodester Insurance Management System 1.0 Edit Insurance Policy Page update_policy pname cross site scripting

CVE-2025-5010 | moonlightL hexo-boot 4.3.0 Blog Backend /admin/home/index.html Description cross site scripting

CVE-2024-33056 | Qualcomm Snapdragon Auto up to MDM SMEM Partition buffer over-read