CVE-2026-39849 | pi-hole FTL up to 6.6.0 Configuration API /etc/pihole/pihole.toml crlf injection (GHSA-9cqv-839p-gpq2 / EUVD-2026-27498)

Inserito da Angelo Barbosa | Mag 6, 2026 | CVE

A vulnerability classified as problematic was found in pi-hole FTL up to 6.6.0. Impacted is an unknown function of the file /etc/pihole/pihole.toml of the component Configuration API. Such manipulation leads to crlf injection.

This vulnerability is documented as CVE-2026-39849. The attack requires being on the local network. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-39849 | pi-hole FTL up to 6.6.0 Configuration API /etc/pihole/pihole.toml crlf injection (GHSA-9cqv-839p-gpq2 / EUVD-2026-27498)

Post correlati

CVE-2024-30134 | HCL Traveler for Microsoft Outlook prior 3.0.9 HTMO.exe Local Privilege Escalation (KB0114723)

CVE-2023-52312 | Paddle up to 2.5.x null pointer dereference (dsa-2023-021)

CVE-2024-38785 | Jegstudio Gutenverse Plugin up to 1.9.2 on WordPress cross site scripting

CVE-2023-6675 | National Keep Cyber Security Services CyberMath 1.4 unrestricted upload