Skip to main content

CWE-436

Interpretation Conflict

65 CVEs Avg CVSS 6.9 MITRE
10
CRITICAL
26
HIGH
25
MEDIUM
4
LOW
11
POC
0
KEV

Monthly

CVE-2026-56329 MEDIUM PATCH This Month

Preview namespace collision in Capgo before 12.128.2 enables authenticated low-privileged tenants to hijack or deny preview routing for other tenants' applications by deliberately registering app IDs containing double underscores that decode identically to a victim's dot-separated app ID. The non-bijective hostname parsing - where `__` maps to `.` but `.` is also a valid app ID character - breaks namespace uniqueness across tenants, allowing cross-tenant preview misrouting. No public exploit has been identified at time of analysis, and no CISA KEV listing exists; real-world impact is confined to preview functionality, not production app delivery.

Information Disclosure Capgo
NVD GitHub
CVSS 4.0
5.3
EPSS
0.2%
CVE-2026-59882 MEDIUM PATCH This Month

Host validation bypass in guzzlehttp/psr7 before 2.12.3 enables URI authority confusion attacks against PHP applications that rely on Uri::getHost() for security-critical decisions. The Uri::assertValidHost() method accepts host strings containing authority delimiters, embedded ports, or malformed IPv6 brackets, causing a semantic split where getHost() returns a sanitized value that disagrees with the actual URI authority used for routing - a classic CWE-436 interpretation conflict exploitable for SSRF allowlist bypass or host-based access control evasion. No public exploit has been identified at time of analysis; vendor-released patch version 2.12.3 resolves the issue.

Information Disclosure Psr7
NVD GitHub VulDB
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-14198 CRITICAL PATCH Act Now

Authentication and authorization bypass in @fastify/middie 9.1.0 through 9.3.2 lets remote unauthenticated attackers reach protected parameterized route handlers by placing an encoded slash (%2F) in a path parameter. The middleware layer decodes %2F before matching while Fastify's router preserves the encoding, so the two disagree on the canonical path and any middie-based auth, authz, rate-limiting, or auditing middleware silently fails to run while the route handler still fires. No public exploit identified at time of analysis; the flaw is method-agnostic and requires no special preconditions, and the vendor rates it CVSS 9.1.

Authentication Bypass Canonical Fastify Middie
NVD GitHub
CVSS 3.1
9.1
EPSS
0.3%
CVE-2026-49473 npm HIGH PATCH GHSA This Week

{id} action yet executed by the restrictive /users list handler. No public exploit identified at time of analysis, but the technique is fully described in the AWS/GitHub advisory and trivially reproducible.

Authentication Bypass
NVD GitHub
CVSS 3.1
8.8
CVE-2026-13676 HIGH PATCH This Week

Host-based security policy bypass in the fast-uri Node.js URI parser (versions 2.3.1 through 3.1.2 and 4.0.0) lets remote attackers defeat denylists, loopback filters, redirect validation, and SSRF/proxy-routing controls by supplying Unicode (IDN) hostnames. Because fast-uri's IDN path invokes a non-existent helper on the global URL constructor, it leaves the host in raw Unicode form while normalize() and equal() report a host that differs from what Node's WHATWG URL or fetch ultimately resolve, producing a parser-differential bypass. No public exploit is identified at time of analysis, but the bypass is trivially reproducible and primarily enables SSRF-style integrity attacks.

Authentication Bypass Fast Uri
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-53538 PyPI LOW PATCH GHSA Monitor

Parser differential in python-multipart's QuerystringParser enables HTTP parameter pollution against applications protected by WHATWG-compliant upstream components (WAFs, API gateways). Versions prior to 0.0.30 tokenize semicolons as field separators in application/x-www-form-urlencoded bodies - diverging from WHATWG, modern browsers, and Python's urllib.parse - allowing an attacker to craft a request body whose fields are parsed differently by an upstream body inspector than by the backend, smuggling form parameters the intermediary never validated. No public exploit code and no CISA KEV listing have been identified at time of analysis, but the attack primitive is well-understood and mirrors the class of issue fixed in CPython as CVE-2021-23336.

Python Information Disclosure
NVD GitHub VulDB
CVSS 3.1
3.7
EPSS
0.2%
CVE-2026-53655 npm MEDIUM PATCH GHSA This Month

Tar parser interpretation differential in node-tar (npm `tar` package) <= 7.5.15 allows a crafted archive to present a different member list to node-tar than to GNU tar, libarchive, or Python tarfile, enabling security scanner evasion in pipelines that scan with one tool and extract with another. The flaw stems from node-tar incorrectly applying a PAX extended header's `size=` override to intermediary GNU long-name (`L`) and long-link (`K`) metadata headers, desynchronizing the stream cursor and causing node-tar to raise a checksum error and report zero members while reference parsers correctly extract files. A detailed, working proof-of-concept (Python stdlib only) is included in the advisory; no active exploitation (CISA KEV) has been confirmed at time of analysis, but the broad npm ecosystem blast radius - node-tar backs npm's own tarball handling - materially elevates real-world risk.

Python Information Disclosure Node.js Suse
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2026-44974 npm HIGH PATCH GHSA This Week

Upload filename allowlist bypass in the @hapi/content npm header parser (versions < 6.0.2) lets remote attackers smuggle malicious parameters past upstream validation. The library's Content.disposition() retained the last occurrence of a duplicated parameter while Content.type() retained the first occurrence of charset/boundary, so when a WAF, reverse proxy, or security filter resolves the same duplicate the opposite way, the two layers disagree on values such as the upload filename. No public exploit code or active exploitation has been identified; the GitHub Security Advisory (GHSA-36hh-x5p5-jgc8) documents the exact smuggling header but no CVSS score or EPSS data is provided.

PHP Authentication Bypass
NVD GitHub
EPSS
0.1%
CVE-2026-47076 MEDIUM POC PATCH GHSA This Month

SSRF allowlist bypass in hackney (Erlang HTTP client) versions 0.13.0 through before 4.0.1 allows attackers who control URL input to circumvent application-level SSRF protections by supplying percent-encoded IP addresses as hostnames. The parser differential lies in hackney_url:normalize/2 decoding the host component post-parse: OTP's uri_string:parse/1 and inet:parse_address/1 see %31%36%39%2E%32%35%34%2E%31%36%39%2E%32%35%34 as a non-IP string (allowlist passes), while hackney then decodes it to 169.254.169.254 and establishes the TCP connection. A proof-of-concept exists per SSVC assessment; no active exploitation is confirmed in CISA KEV, and EPSS is very low at 0.01% (2nd percentile).

SSRF Hackney
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.0%
CVE-2026-40930 MEDIUM This Month

Chunk-smuggling in libpng-apng's push-mode APNG parser allows a remote unauthenticated attacker to cause integrity violations and availability disruption when a victim processes a specially crafted APNG file. The flaw - classified under CWE-436 (Interpretation Conflict) - stems from incorrect sequencing of CRC finalization and frame sequence number validation for fcTL and fdAT chunks in pngpread.c, enabling maliciously ordered chunk boundaries to bypass expected parser state transitions. No public exploit code exists at time of analysis and this vulnerability is not listed in the CISA KEV catalog; however, it represents a meaningful risk for any image-processing pipeline or application accepting user-supplied APNG data from untrusted sources.

RCE Apache SQLi PostgreSQL
NVD GitHub
CVSS 3.1
5.4
EPSS
0.0%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Preview namespace collision in Capgo before 12.128.2 enables authenticated low-privileged tenants to hijack or deny preview routing for other tenants' applications by deliberately registering app IDs containing double underscores that decode identically to a victim's dot-separated app ID. The non-bijective hostname parsing - where `__` maps to `.` but `.` is also a valid app ID character - breaks namespace uniqueness across tenants, allowing cross-tenant preview misrouting. No public exploit has been identified at time of analysis, and no CISA KEV listing exists; real-world impact is confined to preview functionality, not production app delivery.

Information Disclosure Capgo
NVD GitHub
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Host validation bypass in guzzlehttp/psr7 before 2.12.3 enables URI authority confusion attacks against PHP applications that rely on Uri::getHost() for security-critical decisions. The Uri::assertValidHost() method accepts host strings containing authority delimiters, embedded ports, or malformed IPv6 brackets, causing a semantic split where getHost() returns a sanitized value that disagrees with the actual URI authority used for routing - a classic CWE-436 interpretation conflict exploitable for SSRF allowlist bypass or host-based access control evasion. No public exploit has been identified at time of analysis; vendor-released patch version 2.12.3 resolves the issue.

Information Disclosure Psr7
NVD GitHub VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Authentication and authorization bypass in @fastify/middie 9.1.0 through 9.3.2 lets remote unauthenticated attackers reach protected parameterized route handlers by placing an encoded slash (%2F) in a path parameter. The middleware layer decodes %2F before matching while Fastify's router preserves the encoding, so the two disagree on the canonical path and any middie-based auth, authz, rate-limiting, or auditing middleware silently fails to run while the route handler still fires. No public exploit identified at time of analysis; the flaw is method-agnostic and requires no special preconditions, and the vendor rates it CVSS 9.1.

Authentication Bypass Canonical Fastify Middie
NVD GitHub
CVSS 8.8
HIGH PATCH This Week

{id} action yet executed by the restrictive /users list handler. No public exploit identified at time of analysis, but the technique is fully described in the AWS/GitHub advisory and trivially reproducible.

Authentication Bypass
NVD GitHub
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Host-based security policy bypass in the fast-uri Node.js URI parser (versions 2.3.1 through 3.1.2 and 4.0.0) lets remote attackers defeat denylists, loopback filters, redirect validation, and SSRF/proxy-routing controls by supplying Unicode (IDN) hostnames. Because fast-uri's IDN path invokes a non-existent helper on the global URL constructor, it leaves the host in raw Unicode form while normalize() and equal() report a host that differs from what Node's WHATWG URL or fetch ultimately resolve, producing a parser-differential bypass. No public exploit is identified at time of analysis, but the bypass is trivially reproducible and primarily enables SSRF-style integrity attacks.

Authentication Bypass Fast Uri
NVD GitHub VulDB
EPSS 0% CVSS 3.7
LOW PATCH Monitor

Parser differential in python-multipart's QuerystringParser enables HTTP parameter pollution against applications protected by WHATWG-compliant upstream components (WAFs, API gateways). Versions prior to 0.0.30 tokenize semicolons as field separators in application/x-www-form-urlencoded bodies - diverging from WHATWG, modern browsers, and Python's urllib.parse - allowing an attacker to craft a request body whose fields are parsed differently by an upstream body inspector than by the backend, smuggling form parameters the intermediary never validated. No public exploit code and no CISA KEV listing have been identified at time of analysis, but the attack primitive is well-understood and mirrors the class of issue fixed in CPython as CVE-2021-23336.

Python Information Disclosure
NVD GitHub VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Tar parser interpretation differential in node-tar (npm `tar` package) <= 7.5.15 allows a crafted archive to present a different member list to node-tar than to GNU tar, libarchive, or Python tarfile, enabling security scanner evasion in pipelines that scan with one tool and extract with another. The flaw stems from node-tar incorrectly applying a PAX extended header's `size=` override to intermediary GNU long-name (`L`) and long-link (`K`) metadata headers, desynchronizing the stream cursor and causing node-tar to raise a checksum error and report zero members while reference parsers correctly extract files. A detailed, working proof-of-concept (Python stdlib only) is included in the advisory; no active exploitation (CISA KEV) has been confirmed at time of analysis, but the broad npm ecosystem blast radius - node-tar backs npm's own tarball handling - materially elevates real-world risk.

Python Information Disclosure Node.js +1
NVD GitHub VulDB
EPSS 0%
HIGH PATCH This Week

Upload filename allowlist bypass in the @hapi/content npm header parser (versions < 6.0.2) lets remote attackers smuggle malicious parameters past upstream validation. The library's Content.disposition() retained the last occurrence of a duplicated parameter while Content.type() retained the first occurrence of charset/boundary, so when a WAF, reverse proxy, or security filter resolves the same duplicate the opposite way, the two layers disagree on values such as the upload filename. No public exploit code or active exploitation has been identified; the GitHub Security Advisory (GHSA-36hh-x5p5-jgc8) documents the exact smuggling header but no CVSS score or EPSS data is provided.

PHP Authentication Bypass
NVD GitHub
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

SSRF allowlist bypass in hackney (Erlang HTTP client) versions 0.13.0 through before 4.0.1 allows attackers who control URL input to circumvent application-level SSRF protections by supplying percent-encoded IP addresses as hostnames. The parser differential lies in hackney_url:normalize/2 decoding the host component post-parse: OTP's uri_string:parse/1 and inet:parse_address/1 see %31%36%39%2E%32%35%34%2E%31%36%39%2E%32%35%34 as a non-IP string (allowlist passes), while hackney then decodes it to 169.254.169.254 and establishes the TCP connection. A proof-of-concept exists per SSVC assessment; no active exploitation is confirmed in CISA KEV, and EPSS is very low at 0.01% (2nd percentile).

SSRF Hackney
NVD GitHub VulDB
EPSS 0% CVSS 5.4
MEDIUM This Month

Chunk-smuggling in libpng-apng's push-mode APNG parser allows a remote unauthenticated attacker to cause integrity violations and availability disruption when a victim processes a specially crafted APNG file. The flaw - classified under CWE-436 (Interpretation Conflict) - stems from incorrect sequencing of CRC finalization and frame sequence number validation for fcTL and fdAT chunks in pngpread.c, enabling maliciously ordered chunk boundaries to bypass expected parser state transitions. No public exploit code exists at time of analysis and this vulnerability is not listed in the CISA KEV catalog; however, it represents a meaningful risk for any image-processing pipeline or application accepting user-supplied APNG data from untrusted sources.

RCE Apache SQLi +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy