| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At |
|---|---|---|---|---|---|---|
| CVE-2026-25480 | FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD) | litestar-org | litestar | Medium | 6.5 | 2026-02-09 18:49:34 |
| CVE-2026-25479 | Litestar has an AllowedHosts validation bypass due to unescaped regex metacharacters in configured host patterns | litestar-org | litestar | Medium | 6.5 | 2026-02-09 18:48:20 |
| CVE-2026-25478 | Litestar has a CORS origin allowlist bypass due to unescaped regex metacharacters in allowed origins | litestar-org | litestar | High | 7.4 | 2026-02-09 18:46:56 |
| CVE-2025-59152 | X-Forwarded-For Header Spoofing Bypasses Litestar Rate Limiting | litestar-org | litestar | High | 7.5 | 2025-10-06 15:23:13 |
| CVE-2024-52581 | Litestar allows unbounded resource consumption (DoS vulnerability) | litestar-org | litestar | - | - | 2024-11-20 20:50:20 |
| CVE-2024-42370 | Litestar repository vulnerable to Environment Variable injection in `docs-preview.yml` workflow | litestar-org | litestar | High | 8.3 | 2024-08-09 18:29:11 |
| CVE-2024-32982 | Litestar and Starlite affected by Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | litestar-org | litestar | High | 8.2 | 2024-05-06 14:38:11 |