Httpsig Hyper

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-26275 HIGH PATCH This Week

httpsig-hyper versions prior to 0.0.23 fail to properly validate HTTP message digest headers due to improper use of Rust's matches! macro, allowing attackers to forge or modify message bodies without detection. This vulnerability affects applications using the library for HTTP signature verification, enabling attackers to bypass integrity checks on signed requests. A patch is available in version 0.0.23 and later.

Information Disclosure Httpsig Hyper

NVD GitHub

CVSS 3.1

7.5

EPSS

0.0%

CVE-2026-26275

EPSS 0% CVSS 7.5

HIGH PATCH This Week

httpsig-hyper versions prior to 0.0.23 fail to properly validate HTTP message digest headers due to improper use of Rust's matches! macro, allowing attackers to forge or modify message bodies without detection. This vulnerability affects applications using the library for HTTP signature verification, enabling attackers to bypass integrity checks on signed requests. A patch is available in version 0.0.23 and later.

Information Disclosure Httpsig Hyper

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy