Apache HttpClient — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in Apache HttpClient, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE ID	Title	CVSS	Severity	Published
CVE-2026-40542	Apache HttpClient: SCRAM-SHA-256 mutual authentication bypass may cause the client to accept authentication without proper mutual authentication verification CWE-304	9.1^AI	Critical^AI	2026-04-22
CVE-2020-13956	Apache HttpClient 安全漏洞	5.3	-	2020-12-02

All 2 known CVE vulnerabilities affecting Apache HttpClient with full Chinese analysis, references, and POCs where available.