VDB

GCVE-110-MAGEIA-2026-226

GCVE-110-MAGEIA-2026-226
Advisory Published
Vulnetix · Advisory published June 18, 2026
CVE-2026-26961 Greedy multipart boundary parsing can cause parser differentials and WAF bypass. `Forwarded` header semicolon injection enables `Host` and `Scheme` spoofing. CVE-2026-34230 Quadratic complexity in `Rack::Utils.select_best_encoding` via wildcard `Accept-Encoding` header. CVE-2026-34763 Root directory disclosure via unescaped regex interpolation in `Rack::Directory`. CVE-2026-34785 `Rack::Static` prefix matching can expose unintended files under the static root. CVE-2026-34786 `Rack::Static` `header_rules` bypass via URL-encoded path mismatch. CVE-2026-34826 Multipart byte range processing allows denial of service via excessive overlapping ranges. CVE-2026-34827 Multipart header parsing allows denial of service via escape-heavy quoted parameters. CVE-2026-34829 Multipart parsing without `Content-Length` header allows unbounded chunked file uploads. CVE-2026-34830 `Rack::Sendfile` header-based `X-Accel-Mapping` regex injection enables unauthorized `X-Accel-Redirect`. CVE-2026-34831 `Content-Length` mismatch in `Rack::Files` error responses. CVE-2026-34835 `Rack::Request` accepts invalid Host characters, enabling host allowlist bypass.

Affected Products

VendorProductVersionsPlatforms
Mageiaruby-rack0 (affected), 2.2.23-1.mga9 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›