CVE-2026-40074

ADVISORY - github

Summary

redirect, when called from inside the handle server hook with a location parameter containing characters that are invalid in a HTTP header, will cause an unhandled TypeError. This could result in DoS on some platforms, especially if the location passed to redirect contains unsanitized user input.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-755⁠

Improper Handling of Exceptional Conditions

ADVISORY - github

CWE-755⁠

Improper Handling of Exceptional Conditions

Impacted images

Advisories

NIST

CREATED

9 hours ago

UPDATED

9 hours ago

ADVISORY IDCVE-2026-40074⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.3medium

GitHub

CREATED

8 hours ago

UPDATED

6 hours ago

ADVISORY IDGHSA-3f6h-2hrp-w5wx⁠

EXPLOITABILITY SCORE

-

EXPLOITS FOUND

-

COMMON WEAKNESS ENUMERATION (CWE)

CVSS SCORE

6.3medium