CVE-2026-6874 in copilot-apiИнформация

Сводка

по MITRE • 23.04.2026

A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header Handler. Executing a manipulation of the argument Host can lead to reliance on reverse dns resolution. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

VulDB

Раскрытие

23.04.2026

Модерация

принято

Вход

VDB-359039

CPE

готов

CWE

CWE-350 (Подтверждённый)

Эксплойт

Скачать

CVSS

4.3 (VulDB)

EPSS

0.00011

KEV

Нет

Деятельности

Очень низкий

Сектор

Energy, Agriculture, ...

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6874
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6874
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6874/

◂ Предыдущий Обзор Далее ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!