CVEs classified under CWE-644, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (37)
CVE-2025-70948 — CVSS 9.3 (critical): A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and…
CVE-2026-26747 — CVSS 9.1 (critical): A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper handling of the HTTP Host header in app/Providers/AppServicePro…
CVE-2026-26234 — CVSS 8.8 (high): JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override…
CVE-2023-32465 — CVSS 8.8 (high): Dell Power Protect Cyber Recovery, contains an Authentication Bypass vulnerability. An attacker could potentially exploit this…
CVE-2026-33805 — CVSS 8.6 (high): @fastify/reply-from v12.6.1 and earlier and @fastify/http-proxy v11.4.3 and earlier process the client's Connection header after the proxy…
CVE-2025-64484 — CVSS 8.5 (high): OAuth2-Proxy is an open-source tool that can act as either a standalone reverse proxy or a middleware component integrated into existing…
CVE-2026-33149 — CVSS 8.1 (high): Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set…
CVE-2025-64425 — CVSS 8.1 (high): Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. In Coolify versions up to and including…
CVE-2025-13803 — CVSS 7.3 (high): A vulnerability was identified in MediaCrush 1.0.0/1.0.1. The affected element is an unknown function of the file /mediacrush/paths.py of…
CVE-2021-21265 — CVSS 6.8 (medium): October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October before version 1.1.2, when running…
CVE-2024-51454 — CVSS 6.5 (medium): IBM Engineering Workflow Management 7.0.2 through 7.0.2 Interim Fix 035, 7.0.3 through 7.0.3 Interim Fix 017, and 7.1 through 7.1 Interim…
CVE-2026-4096 — CVSS 6.5 (medium): IBM DevOps Plan 3.0.0 through 3.0.6 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers…
CVE-2025-14807 — CVSS 6.5 (medium): IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is vulnerable to HTTP header injection, caused by improper validation of input…
CVE-2025-27901 — CVSS 6.5 (medium): IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2 Recovery Expert for Linux, UNIX and Windows is vulnerable to HTTP header…
CVE-2024-51451 — CVSS 6.5 (medium): IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This…
CVE-2026-1698 — CVSS 6.1 (medium): A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included…
CVE-2025-52647 — CVSS 6.1 (medium): The BigFix WebUI application responds with HOST information from the HTTP header field making it vulnerable to Host Header Poisoning…
CVE-2025-40631 — CVSS 6.1 (medium): HTTP host header injection vulnerability in Icewarp Mail Server affecting version 11.4.0. By modifying the Host header and adding a…
CVE-2025-27632 — CVSS 6.1 (medium): A Host Header Injection vulnerability in TRMTracker application may allow an attacker by modifying the host header value in an HTTP request…
CVE-2025-23001 — CVSS 6.1 (medium): A Host header injection vulnerability exists in CTFd 3.7.5, due to the application failing to properly validate or sanitize the Host…
CVE-2021-20784 — CVSS 6.1 (medium): HTTP header injection vulnerability in Everything version 1.0, 1.1, and 1.2 except the Lite version may allow a remote attacker to inject…
CVE-2026-54477 — CVSS 5.4 (medium): The admin panel lacks standard security headers, enabling clickjacking and cross-site scripting attacks.
CVE-2025-66485 — CVSS 5.4 (medium): IBM Aspera Shares 1.9.9 through 1.11.0 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers…
CVE-2025-13213 — CVSS 5.4 (medium): IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST…
CVE-2025-36227 — CVSS 5.4 (medium): IBM Aspera Faspex 5 5.0.0 through 5.0.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST…
CVE-2025-36223 — CVSS 5.4 (medium): IBM OpenPages 9.0 and 9.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could…
CVE-2024-40686 — CVSS 5.4 (medium): IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 is vulnerable to HTTP header injection…
CVE-2025-2950 — CVSS 5.4 (medium): IBM i 7.3, 7.4, 7.5, and 7.5 is vulnerable to a host header injection attack caused by improper neutralization of HTTP header content by…
CVE-2022-43847 — CVSS 5.4 (medium): IBM Aspera Console 3.4.0 through 3.4.4 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers…
CVE-2023-35894 — CVSS 5.4 (medium): IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers…
CVE-2025-13434 — CVSS 5.3 (medium): A weakness has been identified in jameschz Hush Framework 2.0. The impacted element is an unknown function of the file…
CVE-2025-0154 — CVSS 5.3 (medium): IBM TXSeries for Multiplatforms 9.1 and 11.1 could disclose sensitive information to a remote attacker due to improper neutralization of…
CVE-2024-30129 — CVSS 5.3 (medium): The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause…
CVE-2026-10836: Improper handling of HTTP headers that allows a remote attacker to manipulate the value of the Host header using specially crafted…
CVE-2025-24339 — CVSS 5.0 (medium): A vulnerability in the web application of ctrlX OS allows a remote unauthenticated attacker to conduct various attacks against users of the…
CVE-2025-23191 — CVSS 3.1 (low): Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP…
CVE-2025-52660 — CVSS 2.7 (low): HCL AION is affected by an Unrestricted File Upload vulnerability. This can allow malicious file uploads, potentially resulting in…