VDB

GCVE-110-MAGEIA-2026-93

GCVE-110-MAGEIA-2026-93
Advisory Published
Vulnetix · Advisory published April 11, 2026
ASGI header spoofing via underscore/hyphen conflation. (CVE-2026-3902) Privilege abuse in ``GenericInlineModelAdmin``. (CVE-2026-4277) Privilege abuse in ``ModelAdmin.list_editable``. (CVE-2026-4292) Potential denial-of-service vulnerability in ``MultiPartParser`` via base64-encoded file upload. (CVE-2026-33033) Potential denial-of-service vulnerability in ASGI requests via memory upload limit bypass. (CVE-2026-33034)

Affected Products

VendorProductVersionsPlatforms
Mageiapython-django0 (affected), 4.1.13-1.12.mga9 (unaffected)

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›