Skip to content
cyberMEDIUM2026-05-01 21:16 UTC

CVE-2026-39807 - Client-supplied URI scheme trusted without transport verification in bandit

CVE ID :CVE-2026-39807 Published : May 1, 2026, 9:16 p.m. | 50 minutes ago Description :Reliance on Untrusted Inputs in a Security Decision vulnerability in mtrudel bandit allows unauthenticated transport-state spoofing on plaintext HTTP connections. 'Elixir.Bandit.Pipeline':determine_scheme/

ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

Editorial policy · Report a correction