{"vulnerability": "cve-2026-4975", "sightings": [{"uuid": "a4aa6002-ae93-473b-9027-bb54f843b16c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4975", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mi3c4sv2322d", "content": "", "creation_timestamp": "2026-03-27T23:40:10.822168Z"}, {"uuid": "972ddba4-a2f1-4b56-819b-ba929f70164b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4975", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3milrmxsszy2f", "content": "", "creation_timestamp": "2026-04-03T13:00:14.985924Z"}, {"uuid": "54a6bff1-7cda-4696-a9c0-a39ec1459a78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-4975", "type": "published-proof-of-concept", "source": "Telegram/wWPS0byCXjzJleEHKN6yjldptusIbQ1L7WvvuLFtEg9AE-Q", "content": "", "creation_timestamp": "2026-03-27T21:23:25.000000Z"}, {"uuid": "f37ee81b-781a-4308-9a38-ee938855dcf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49756", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mns7prs24r2y", "content": "CVE-2026-49756 - Multipart form-data header injection in Req via unescaped name/filename/content_type\nCVE ID : CVE-2026-49756\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in ...", "creation_timestamp": "2026-06-08T17:34:18.004200Z"}, {"uuid": "9dbc6e47-6e85-479f-8905-4131bc08297a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49755", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mnsabozbgi2a", "content": "CVE-2026-49755 - Decompression bomb DoS in Req via auto-decoded archive and compressed response bodies\nCVE ID : CVE-2026-49755\n \n Published : June 8, 2026, 4:16 p.m. | 17\u00a0minutes ago\n \n Description : Improper Handling of Highly Compressed Data (Data Amplification) vulnerabilit...", "creation_timestamp": "2026-06-08T17:44:19.192829Z"}, {"uuid": "79c91906-963c-4123-b8be-7c3d88874c7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49757", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3modf7q5hpd23", "content": "CVE-2026-49757 - OAuth2/OIDC account takeover in AshAuthentication via email-based user matching\nCVE ID : CVE-2026-49757\n \n Published : June 15, 2026, 12:16 p.m. | 52\u00a0minutes ago\n \n Description : Authentication Bypass by Spoofing vulnerability in team-alembic AshAuthentication...", "creation_timestamp": "2026-06-15T13:27:57.766449Z"}, {"uuid": "b7b9ed23-15a5-4687-aea2-eab08dee1523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49757", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116755425881916574", "content": "\ud83d\udea8 CRITICAL: CVE-2026-49757 in ash_authentication lets attackers bypass auth by spoofing email in OAuth2/OIDC, risking local account takeover. Patch status unconfirmed \u2014 check vendor advisory. Affected: v0.1.0, 5.0.0-rc.0. https://radar.offseq.com/threat/cve-2026-49757-cwe-290-authentication-bypass-by-sp-5df5a500 #OffSeq #CVE202649757 #OAuth2 #infosec", "creation_timestamp": "2026-06-15T18:00:18.422466Z"}, {"uuid": "42e17bf1-289e-4c6f-b18f-325d9c9cbab9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-49757", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3modugpemgd2a", "content": "\ud83d\udea8 CRITICAL: team-alembic ash_authentication flaw lets attackers bypass OAuth2/OIDC login with email spoofing \u2014 full account takeover possible! Patch status unconfirmed. Check vendor advisory &amp; avoid email matching for auth. https://radar.offseq.com/threat/cve-2026-49757-cwe-290-authentication-byp...", "creation_timestamp": "2026-06-15T18:00:18.563178Z"}, {"uuid": "ab49548e-089c-4394-8373-33b86f09ba0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49757", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/116757330371949034", "content": "It is possible to see elevated activities targeting team-alembic ash_authentication (CVE-2026-49757) https://vuldb.com/vuln/370892/cti", "creation_timestamp": "2026-06-16T02:04:37.941126Z"}, {"uuid": "186f3236-af62-4a04-9697-f8dc556ca624", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49759", "type": "seen", "source": "https://bsky.app/profile/cyberowi.pl/post/3mokbedhmti25", "content": "\ud83d\udea8 Krytyczna luka DoS w Erlang/OTP zagra\u017ca systemom wysokiej dost\u0119pno\u015bci\n\nLuka CVE-2026-49759 z ocen\u0105 CVSS 8.2 mo\u017ce pozwoli\u0107 na zdalne wywo\u0142anie awarii w aplikacjach opartych o Erlang/OTP. Dotyczy\n\nhttps://cyberowi.pl/krytyczna-luka-dos-w-erlang-otp-zagraza-systemom-wysokiej/\n\n#cyberbezpieczenstwo", "creation_timestamp": "2026-06-18T07:07:36.828768Z"}, {"uuid": "688e5fea-0e9b-4a28-ae73-efe9795714cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49754", "type": "published-proof-of-concept", "source": "https://github.com/elixir-mint/mint/security/advisories/GHSA-2p26-p43x-fhp8", "content": "", "creation_timestamp": "2026-07-10T00:35:16.905538Z"}, {"uuid": "cad41cd3-8b26-49f8-9148-a1217dbd6c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-49753", "type": "published-proof-of-concept", "source": "https://github.com/elixir-mint/mint/security/advisories/GHSA-mjqx-c6f6-7rc2", "content": "", "creation_timestamp": "2026-07-10T00:35:19.212783Z"}, {"uuid": "7d342c9c-2f14-42e0-b495-644396fad958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49754", "type": "seen", "source": "https://gist.github.com/alon710/e074ac5405ee20f6dd8bded11414265c", "content": "# CVE-2026-49754: CVE-2026-49754: Denial of Service via Unbounded HTTP/2 CONTINUATION Frame Accumulation in Elixir Mint\n\n&gt; **CVSS Score:** 8.2\n&gt; **Published:** 2026-07-09\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-49754\n\n## Summary\nAn allocation of resources without limits or throttling vulnerability in Elixir Mint allows an attacker-controlled HTTP/2 server to exhaust memory in a Mint client. The vulnerability is exploited by sending a HEADERS frame without the END_HEADERS flag followed by an infinite stream of CONTINUATION frames. Because the client lacks limits on the incoming header-block accumulator, the client continuously consumes memory until an out-of-memory crash occurs.\n\n## TL;DR\nAn unauthenticated, remote attacker can crash any Elixir application utilizing the Mint client library to establish HTTP/2 connections by hosting a malicious server that streams an infinite series of HTTP/2 CONTINUATION frames.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-770\n- **Attack Vector**: Network\n- **CVSS v4.0 Score**: 8.2 (High)\n- **Exploit Maturity**: Proof-of-Concept (PoC)\n- **EPSS Score**: 0.00384\n- **CISA KEV Status**: Not Listed\n\n## Affected Systems\n\n- Applications utilizing the Elixir Mint HTTP client library for outbound HTTP/2 connections.\n- **mint**: &gt;= 0.1.0, &lt; 1.9.0 (Fixed in: `1.9.0`)\n\n## Mitigation\n\n- Upgrade the Mint library dependency to version 1.9.0 or higher.\n- Restrict connection protocols to HTTP/1.1 when connecting to external or untrusted endpoints to bypass the HTTP/2 continuation frame logic.\n- Implement deep packet inspection or proxy limits on outbound HTTP/2 connections to enforce strict limits on continuous framing sequences.\n\n**Remediation Steps:**\n1. Open the Elixir project configuration file `mix.exs`.\n2. Locate the `deps` definition and update the `mint` dependency requirement to version `~&gt; 1.9`.\n3. Run `mix deps.get` in your development terminal to download and integrate the updated version.\n4. Deploy the updated application build to production environments.\n5. For temporary emergency mitigations, modify connection calls in the application code to use the configuration option `protocols: [:http1]`.\n\n## References\n\n- [GitHub Advisory: Allocation of Resources Without Limits or Throttling in elixir-mint](https://github.com/elixir-mint/mint/security/advisories/GHSA-2p26-p43x-fhp8)\n- [Erlang Ecosystem Foundation Security Advisory](https://cna.erlef.org/cves/CVE-2026-49754.html)\n- [Open Source Vulnerability Database Entry](https://osv.dev/vulnerability/EEF-CVE-2026-49754)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-49754) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-10T03:12:07.016256Z"}, {"uuid": "d87b2d30-9455-4546-874c-a8251f62071d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49753", "type": "seen", "source": "https://gist.github.com/alon710/bc442ee88dc103da228f4212da5b648e", "content": "# CVE-2026-49753: CVE-2026-49753: HTTP Request/Response Smuggling via Inconsistent Content-Length Parsing in Elixir Mint Client\n\n&gt; **CVSS Score:** 6.3\n&gt; **Published:** 2026-07-09\n&gt; **Full Report:** https://cvereports.com/reports/CVE-2026-49753\n\n## Summary\nAn Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) vulnerability in the Elixir Mint HTTP client allows attacker-controlled HTTP/1 servers to desynchronize response framing on shared connections due to over-lenient parsing of sign-prefixed Content-Length headers.\n\n## TL;DR\nElixir Mint's parser accepted sign-prefixed Content-Length values (like '+100') due to using Integer.parse/1. Intermediaries strictly enforcing RFC 7230/9110 reject or reframe these headers, enabling HTTP response smuggling and connection poisoning.\n\n## Technical Details\n\n- **CWE ID**: CWE-444\n- **Attack Vector**: Network\n- **CVSS v4.0**: 6.3\n- **EPSS Score**: 0.00301\n- **Impact**: HTTP Request/Response Smuggling\n- **Exploit Status**: None\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- elixir-mint/mint\n- **mint**: &gt;= 0.1.0, &lt; 1.9.0 (Fixed in: `1.9.0`)\n\n## Mitigation\n\n- Update elixir-mint/mint to version 1.9.0 or later.\n- Deploy strict WAF rules to drop sign-prefixed Content-Length headers.\n- Avoid connection pooling across distinct security context boundaries when interacting with untrusted upstream hosts.\n\n**Remediation Steps:**\n1. Identify projects using Mint by auditing mix.lock.\n2. Update mix.exs dependencies to require {:mint, '~&gt; 1.9.0'}.\n3. Run mix deps.get to fetch the patched version.\n4. Validate HTTP header processing in downstream environments to ensure strict RFC compliance.\n\n## References\n\n- [GHSA-mjqx-c6f6-7rc2 Security Advisory](https://github.com/elixir-mint/mint/security/advisories/GHSA-mjqx-c6f6-7rc2)\n- [Erlang Ecosystem Foundation CVE Entry](https://cna.erlef.org/cves/CVE-2026-49753.html)\n- [OSV Database Entry](https://osv.dev/vulnerability/EEF-CVE-2026-49753)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-49753) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-07-10T03:41:59.453584Z"}, {"uuid": "583becf8-e9bc-4ca3-acaf-f4690e7b811e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-49757", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mqbbkbvc622t", "content": "CVE-2026-55616 - Rejected reason: ** REJECT ** DO NOT USE THIS CAND\nCVE ID : CVE-2026-55616\n \n Published : July 10, 2026, 12:16 a.m. | 3\u00a0hours, 32\u00a0minutes ago\n \n Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-49757. Reason: T...", "creation_timestamp": "2026-07-10T04:07:20.456133Z"}]}