Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-93

CWE-93

Improper Neutralization of CRLF Sequences ('CRLF Injection')

Parent: CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs.

135 vulnerabilities with CWE-93

CVE-2026-1527 MEDIUM

Undici - HTTP Request Smuggling

CVE-2026-3234 MEDIUM

mod_proxy_cluster - CRLF Injection

CVE-2026-3848 MEDIUM

GitLab CE/EE - SSRF

CVE-2026-30227 MEDIUM

MimeKit <4.15.1 - SMTP Command Injection

CVE-2026-29046 HIGH

TinyWeb <2.04 - Command Injection

CVE-2026-28296 MEDIUM

GVfs FTP Backend - Command Injection

CVE-2026-1714 HIGH

ShopLentor WooCommerce Builder - Email Relay Abuse

CVE-2026-1536 MEDIUM

Libsoup - HTTP Header Injection

CVE-2026-1467 MEDIUM

Libsoup - CRLF Injection

CVE-2026-24489 MEDIUM

Gakido <0.1.1 - Command Injection

CVE-2026-1299 MEDIUM

Email module - Header Injection

CVE-2026-23953 HIGH

Incus <6.20.0 - Command Injection

CVE-2026-0672 MEDIUM

http - Cookie Injection

CVE-2026-23829 MEDIUM

Mailpit <1.28.3 - Header Injection

CVE-2026-22777 HIGH

ComfyUI-Manager <3.39.2, <4.0.5 - Code Injection

CVE-2026-21428 HIGH

Yhirose Cpp-httplib < 0.30.0 - SSRF

CVE-2025-15282 MEDIUM

urllib < - SSRF

CVE-2025-11468 MEDIUM

Email Client - Info Disclosure

CVE-2025-67735 MEDIUM

Netty <4.1.129.Final, <4.2.8.Final - Request Smuggling

CVE-2025-14531 MEDIUM

code-projects Rental Management System 2.0 - CRLF Injection

CVE-2025-54972 MEDIUM

Fortinet FortiMail <7.6.3 - Crlf Injection

CVE-2025-59151 HIGH

Pi-hole Web Interface < 6.3 - XSS

CVE-2025-56007 MEDIUM

KeeneticOS <4.3 - Command Injection

CVE-2025-59419 MEDIUM

Io.netty Netty-codec-smtp < 4.2.7.Final - Command Injection

CVE-2025-61884 HIGH KEV

Oracle Configurator < 12.2.14 - SSRF

Previous Page 2 of 6 Next

Details

Vulnerabilities 135

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy