CYBERSIXT Signal Over Noise
securityonline.info 6/23/2026, 4:10:48 AM · external

Tinyproxy flaws allow HTTP request smuggling, urge patch now

Tinyproxy flaws allow HTTP request smuggling, urge patch now
CyberSIXT Evidence Panel
Primary Source vulncheck.com
CVE Intel
CVE-2026-54388 - NVD Not in KEV 9.3 CRITICAL
CVE-2026-54387 - NVD Not in KEV 9.3 CRITICAL
CVE-2026-55202 - NVD Not in KEV 8.8 HIGH
CISA KEV Not in KEV
Patch Patch Available

TINYPROXY has three critical vulnerabilities (CVE-2026-54388, CVE-2026-54387, CVE-2026-55202) that could allow attackers to exploit HTTP request smuggling techniques. These flaws have a maximum CVSS severity score of 9.3 and can lead to request hijacking, making internal network structures vulnerable. Administrators are urged to update to the latest software versions immediately, as patches are available. No confirmed instances of these vulnerabilities being exploited in the wild have been reported.

View Primary Source Via securityonline.info

Article by CyberSIXT