All 6 CVE vulnerabilities found in TinyWeb, with AI-generated Chinese analysis, references, and POCs.
Vendor: maximmasiutin
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-29046 | TinyWeb: HTTP Header Control Character Injection into CGI Environment CWE-114 | 7.5 | - | 2026-03-06 |
| CVE-2026-28497 | TinyWeb: Integer Overflow in `_Val` (HTTP Request Smuggling) CWE-190 | 6.5 | - | 2026-03-06 |
| CVE-2026-27633 | TinyWeb has Unbounded Content-Length Memory Exhaustion (DoS) CWE-400 | 7.5AI | HighAI | 2026-02-25 |
| CVE-2026-27630 | TinyWeb vulnerable to Remote Denial of Service via Thread/Connection Exhaustion (Slowloris) CWE-400 | 7.5AI | HighAI | 2026-02-25 |
| CVE-2026-27613 | CGI Parameter Injection (Bypass of STRICT_CGI_PARAMS and EscapeShellParam) CWE-78 | 9.8AI | CriticalAI | 2026-02-25 |
| CVE-2026-22781 | TinyWeb CGI Command Injection CWE-78 | 9.8AI | CriticalAI | 2026-01-12 |
All 6 known CVE vulnerabilities affecting TinyWeb with full Chinese analysis, references, and POCs where available.