CVE-2026-45135 in caddyinfo

Prediction

by VulDB Data Team • 05/19/2026

A vulnerability was detected in caddyserver caddy 2.11.1/2.11.2. This affects the function splitPos of the component FastCGI. The manipulation results in improper handling of unicode encoding. The attack can be launched remotely. Upgrading to version 2.11.3 is able to mitigate this issue. The affected component should be upgraded.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Moderation

accepted

Entry

VDB-364543

CPE

ready

CWE

CWE-176 (confirmed)

CVSS

5.6 (VulDB)

EPSS

0.00000

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-45135
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-45135
CVE Details	https://www.cvedetails.com/cve/CVE-2026-45135/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!