CVE-2026-6874 in copilot-apiالمعلومات

الملخص

بحسب MITRE • 23/04/2026

A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host can lead to reliance on reverse dns resolution. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulDB

إفشاء

23/04/2026

الاعتدال

تمت الموافقة

إدخال

VDB-359039

CPE

جاهز

CWE

CWE-350 (مؤكد)

استغلال

تحميل

CVSS

4.3 (VulDB)

EPSS

0.00011

KEV

لا

النشاطات

منخفض جدًا

القطاع

Chemical, Telecommunication, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6874
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6874
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6874/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!