CVE-2026-49871 | Apache APISIX up to 3.16.0 Configuration cross-site request forgery

Inserito da Angelo Barbosa | Giu 19, 2026 | CVE

A vulnerability classified as problematic was found in Apache APISIX up to 3.16.0. The affected element is an unknown function of the component Configuration Handler. Executing a manipulation can lead to cross-site request forgery.

This vulnerability is registered as CVE-2026-49871. It is possible to launch the attack remotely. No exploit is available.

Upgrading the affected component is advised.

CVE-2026-49871 | Apache APISIX up to 3.16.0 Configuration cross-site request forgery

Post correlati

CVE-2025-62076 | Simple Payment Plugin up to 2.4.6 on WordPress cross site scripting

CVE-2023-6027 | PHPMemcachedAdmin 1.3.0 /pmcadmin/configure.php cross site scripting

CVE-2026-1094 | GitLab Community Edition/Enterprise Edition up to 18.8.3 File improper validation of unsafe equivalence in input

CVE-2024-32030 | provectus kafka-ui up to 0.7.1 deserialization (GHSL-2023-229)