All 5 CVE vulnerabilities found in Heimdall, with AI-generated Chinese analysis, references, and PoCs.
Vendor: LinuxServer

| CVE ID | Title | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|
| CVE-2026-42274 | Heimdall: Authorization bypass via path normalization mismatch | CWE-35 | 5.3 (AI) | Medium (AI) | 2026-05-08 |
| CVE-2026-42273 | Heimdall: Case-sensitive host matching may lead to policy bypass | CWE-436 | 5.3 (AI) | Medium (AI) | 2026-05-08 |
| CVE-2026-42272 | Heimdall: Case-sensitive handling of URL-encoded slashes may lead to inconsistent path interpretation | CWE-436 | 9.1 (AI) | Critical (AI) | 2026-05-08 |
| CVE-2026-32811 | Heimdall: Path received via Envoy gRPC corrupted when containing query string | CWE-116 | 8.2 | High | 2026-03-20 |
| CVE-2025-54597 | Heimdall cross-site scripting vulnerability | CWE-79 | 7.2 | High | 2025-07-27 |