CVE-2026-24853
🔴 HIGHCaido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoint...
Description
Request Expert ReviewCaido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This vulnerability is fixed in 0.55.0.
CVSS Scores
References
Additional Information
- Source
- security-advisories@github.com
- State
- Undergoing analysis
Related CVEs
CVE-2026-3979
MEDIUMA flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function js_iterator_concat_return of the file quickjs.c. This manipulation...
CVE-2026-3978
HIGHA vulnerability was detected in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formEasySetupWizard3. The manipul...
CVE-2026-3977
MEDIUMA security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. Th...
CVE-2026-3976
HIGHA weakness has been identified in Tenda W3 1.0.0.3(2204). Impacted is the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet of the co...
CVE-2026-3975
HIGHA security flaw has been discovered in Tenda W3 1.0.0.3(2204). This issue affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterG...
CVE-2026-3974
HIGHA vulnerability was identified in Tenda W3 1.0.0.3(2204). This vulnerability affects the function formexeCommand of the file /goform/exeCommand of the...
Share CVE-2026-24853
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2026-24853 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!