VDB
GCVE-110-MAGEIA-2026-226
GCVE-110-MAGEIA-2026-226
Advisory Published
CVE-2026-26961 Greedy multipart boundary parsing can cause parser
differentials and WAF bypass. `Forwarded` header semicolon injection
enables `Host` and `Scheme` spoofing.
CVE-2026-34230 Quadratic complexity in
`Rack::Utils.select_best_encoding` via wildcard `Accept-Encoding`
header.
CVE-2026-34763 Root directory disclosure via unescaped regex
interpolation in `Rack::Directory`.
CVE-2026-34785 `Rack::Static` prefix matching can expose unintended
files under the static root.
CVE-2026-34786 `Rack::Static` `header_rules` bypass via URL-encoded path
mismatch.
CVE-2026-34826 Multipart byte range processing allows denial of service
via excessive overlapping ranges.
CVE-2026-34827 Multipart header parsing allows denial of service via
escape-heavy quoted parameters.
CVE-2026-34829 Multipart parsing without `Content-Length` header allows
unbounded chunked file uploads.
CVE-2026-34830 `Rack::Sendfile` header-based `X-Accel-Mapping` regex
injection enables unauthorized `X-Accel-Redirect`.
CVE-2026-34831 `Content-Length` mismatch in `Rack::Files` error
responses.
CVE-2026-34835 `Rack::Request` accepts invalid Host characters, enabling
host allowlist bypass.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | ruby-rack | 0 (affected), 2.2.23-1.mga9 (unaffected) | — |
References
Browse GCVE Records
73,443 records in the GCVE database · Updated July 18, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.