Wei-Shaw sub2api up to 0.1.84 Endpoint escape output

Summaryinfo

A vulnerability was found in Wei-Shaw sub2api up to 0.1.84. It has been classified as critical. This affects an unknown part of the component Endpoint. Performing a manipulation results in escape output. This vulnerability is reported as CVE-2026-27812. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability classified as critical has been found in Wei-Shaw sub2api up to 0.1.84. This affects an unknown code block of the component Endpoint. The manipulation with an unknown input leads to a escape output vulnerability. CWE is classifying the issue as CWE-116. The product prepares a structured message for communication with another component, but encoding or escaping of the data is either missing or done incorrectly. As a result, the intended structure of the message is not preserved. This is going to have an impact on confidentiality, integrity, and availability. The summary by CVE is:

Sub2API is an AI API gateway platform designed to distribute and manage API quotas from AI product subscriptions. A vulnerability in versions prior to 0.1.85 is a Password Reset Poisoning (Host Header / Forwarded Header trust issue), which allows attackers to manipulate the password reset link. Attackers can exploit this flaw to inject their own domain into the password reset link, leading to the potential for account takeover. The vulnerability has been fixed in version v0.1.85. If upgrading is not immediately possible, users can mitigate the vulnerability by disabling the "forgot password" feature until an upgrade to a patched version can be performed. This will prevent attackers from exploiting the vulnerability via the affected endpoint.

The advisory is shared at github.com. This vulnerability is uniquely identified as CVE-2026-27812 since 02/24/2026. The exploitability is told to be easy. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available.

Upgrading to version 0.1.85 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2026-8782). If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Productinfo

Vendor

• Wei-Shaw

Name

• sub2api

Version

• 0.1.0
• 0.1.1
• 0.1.2
• 0.1.3
• 0.1.4
• 0.1.5
• 0.1.6
• 0.1.7
• 0.1.8
• 0.1.9
• 0.1.10
• 0.1.11
• 0.1.12
• 0.1.13
• 0.1.14
• 0.1.15
• 0.1.16
• 0.1.17
• 0.1.18
• 0.1.19
• 0.1.20
• 0.1.21
• 0.1.22
• 0.1.23
• 0.1.24
• 0.1.25
• 0.1.26
• 0.1.27
• 0.1.28
• 0.1.29
• 0.1.30
• 0.1.31
• 0.1.32
• 0.1.33
• 0.1.34
• 0.1.35
• 0.1.36
• 0.1.37
• 0.1.38
• 0.1.39
• 0.1.40
• 0.1.41
• 0.1.42
• 0.1.43
• 0.1.44
• 0.1.45
• 0.1.46
• 0.1.47
• 0.1.48
• 0.1.49
• 0.1.50
• 0.1.51
• 0.1.52
• 0.1.53
• 0.1.54
• 0.1.55
• 0.1.56
• 0.1.57
• 0.1.58
• 0.1.59
• 0.1.60
• 0.1.61
• 0.1.62
• 0.1.63
• 0.1.64
• 0.1.65
• 0.1.66
• 0.1.67
• 0.1.68
• 0.1.69
• 0.1.70
• 0.1.71
• 0.1.72
• 0.1.73
• 0.1.74
• 0.1.75
• 0.1.76
• 0.1.77
• 0.1.78
• 0.1.79
• 0.1.80
• 0.1.81
• 0.1.82
• 0.1.83
• 0.1.84

Website

• Product: https://github.com/Wei-Shaw/sub2api/

CPE 2.3info

• 🔒
• 🔒
• 🔒

CPE 2.2info

• 🔒
• 🔒
• 🔒

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Discussion