MehranTurk (M.T)

2 exploits Active since Apr 2026
CVE-2026-31908 GITHUB CRITICAL python WORKING POC
Apache APISIX: forward auth plugin allows header injection
Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue.
4 stars
CVSS 9.1
CVE-2026-31908 NOMISEC CRITICAL WORKING POC
Apache APISIX: forward auth plugin allows header injection
Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue.
1 stars
CVSS 9.1