| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-29046 | TinyWeb: HTTP Header Control Character Injection into CGI Environment | maximmasiutin | TinyWeb | 高危 | - | 2026-03-06 02:54:11 | Deep Dive |
| CVE-2026-28497 | TinyWeb: Integer Overflow in `_Val` (HTTP Request Smuggling) | maximmasiutin | TinyWeb | 超危 | - | 2026-03-06 02:51:59 | Deep Dive |
| CVE-2026-27633 | TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS) | maximmasiutin | TinyWeb | - | - | 2026-02-25 23:07:36 | Deep Dive |
| CVE-2026-27630 | TinyWeb vulnerable to Remote Denial of Service via Thread/Connection Exhaustion (Slowloris) | maximmasiutin | TinyWeb | - | - | 2026-02-25 23:05:17 | Deep Dive |
| CVE-2026-27613 | CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) | maximmasiutin | TinyWeb | - | - | 2026-02-25 22:58:16 | Deep Dive |
| CVE-2026-22781 | TinyWeb CGI Command Injection | maximmasiutin | TinyWeb | - | - | 2026-01-12 18:23:01 | Deep Dive |
| CVE-2024-5193 | Ritlabs TinyWeb Server Request crlf injection | Ritlabs | TinyWeb Server | Medium | 5.3 | 2024-05-22 10:31:04 | Deep Dive |
| CVE-2024-3677 | Ultimate 410 Gone Status Code <= 1.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting | tinyweb | Ultimate 410 Gone Status Code | Medium | 6.4 | 2024-05-02 16:52:17 | Deep Dive |