Blacksheep

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-22779 MEDIUM PATCH This Month

BlackSheep's HTTP client prior to version 2.4.6 is vulnerable to CRLF injection due to insufficient header validation, allowing attackers to inject malicious headers or forge HTTP requests when developers pass unsanitized user input into header fields. Only applications using BlackSheep as an HTTP client are affected; the server component is not impacted. A patch is available in version 2.4.6 and later.

Python Blacksheep

NVD GitHub

CVSS 3.1

5.3

EPSS

0.0%

CVE-2026-22779

EPSS 0% CVSS 5.3

MEDIUM PATCH This Month

BlackSheep's HTTP client prior to version 2.4.6 is vulnerable to CRLF injection due to insufficient header validation, allowing attackers to inject malicious headers or forge HTTP requests when developers pass unsanitized user input into header fields. Only applications using BlackSheep as an HTTP client are affected; the server component is not impacted. A patch is available in version 2.4.6 and later.

Python Blacksheep

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy