CVE Vulnerability Details: CVE-2026-54387
Status: PUBLISHED
Assigner: VulnCheck
Assigner Org ID: 83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At: 17 Jun, 2026 | 19:48
Updated At: 23 Jun, 2026 | 16:16
CVE Numbering Authority (CNA)
Tinyproxy - HTTP Request Smuggling via CL/TE Desynchronization

Tinyproxy through 1.11.3, fixed in commit ff45d3b, fails to reconcile conflicting Content-Length and Transfer-Encoding: chunked headers, forwarding both verbatim to the backend while using Content-Length to determine how many request body bytes to consume. Remote attackers can desynchronize the proxy and backend parser state, allowing injection of arbitrary HTTP requests to the backend to enable cache poisoning, access control bypass, and request hijacking.

Affected Products
Vendor: tinyproxy
Product: tinyproxy
Repo: https://github.com/tinyproxy/tinyproxy
Default Status: affected
Versions
Affected
  • From 0 through 1.11.3 (semver)
Unaffected
  • ff45d3bf0e61d0f8ed97ab379d3047f04eb67521 (git)
Problem Types
Type: CWE
CWE ID: CWE-444
Description: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Metrics
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Credits
Finder: Tristan Madani (@TristanInSec)
References
Hyperlink: https://github.com/tinyproxy/tinyproxy/issues/609
Resource: issue-tracking
Hyperlink: https://github.com/tinyproxy/tinyproxy/pull/610
Resource: issue-tracking
Hyperlink: https://github.com/tinyproxy/tinyproxy/commit/ff45d3bf0e61d0f8ed97ab379d3047f04eb67521
Resource: patch
Hyperlink: https://www.vulncheck.com/advisories/tinyproxy-http-request-smuggling-via-cl-te-desynchronization
Resource: third-party-advisory
Authorized Data Publishers (ADP)
CISA ADP Vulnrichment