CVE-2026-47220 | envoyproxy envoy up to 1.37.4/1.38.2 Host Header null pointer dereference

Inserito da Angelo Barbosa | Giu 26, 2026 | CVE

A vulnerability categorized as problematic has been discovered in envoyproxy envoy up to 1.37.4/1.38.2. Affected is an unknown function of the component Host Header Handler. The manipulation results in null pointer dereference.

This vulnerability is known as CVE-2026-47220. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-47220 | envoyproxy envoy up to 1.37.4/1.38.2 Host Header null pointer dereference

Post correlati

CVE-2023-41678 | Fortinet FortiOS FortiPAM HTTPSd Daemon double free (FG-IR-23-196)

CVE-2025-49433 | Supermalink Plugin up to 1.1 on WordPress cross site scripting

CVE-2023-45913 | Freedesktop Mesa 23.0.4 dri2GetGlxDrawableFromXDrawableId null pointer dereference

CVE-2025-21691 | Linux Kernel up to 6.6.74/6.12.11/6.13.0 cachestat mm/mincore.c permission