cyberMEDIUM2026-05-05 09:16 UTC

CVE-2026-43870 - Apache Thrift: Node.js web_server.js multi-vulnerability

CVE ID :CVE-2026-43870 Published : May 5, 2026, 9:16 a.m. | 56 minutes ago Description :Origin Validation Error, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting'), Uncont

ORIGINAL SOURCE →via CVE Feed Latest

⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

[CYBER] SnowFROC 2026: Secure Defaults, Real Trust, and a Better Layer on Top
[CYBER] npm Package Security — How to Find and Fix Vulnerable Dependencies in Your Node.js Application
[CYBER] Critical Remote Code Execution Vulnerability Patched in Android
[CYBER] The Onslaught: Why Nigeria's Volume of Cyber Attacks Is Overwhelming Defences
[CYBER] Pay2Key ransomware — any recovery path that’s actually worked?
[CYBER] Update WhatsApp now: Two new flaws could expose you to malicious files

Editorial policy · Report a correction