aiohttp
OSS Librariesoss-project
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting aiohttp.
- CVE-2026-54273AIOHTTP: HTTP/1 Pipelined Requests Queue Without Limit7.5
- CVE-2026-54280AIOHTTP: Payload Response Resources Are Not Closed After Mid-Body Disconnect7.5
- CVE-2026-54278AIOHTTP: Unread Compressed Request Bodies Bypass client_max_size During Cleanup7.5
- CVE-2026-54277AIOHTTP: C HTTP Parser Bypasses max_line_size for Fragmented Lines7.5
- CVE-2026-54276AIOHTTP: DigestAuthMiddleware Applies Credentials to Cross-Origin Redirect Challenges6.1
- CVE-2026-54275AIOHTTP: TLS Server Hostname Override Is Ignored When Reusing HTTPS Connections7.5
- CVE-2026-54274AIOHTTP: Incomplete websocket frame payloads bypass memory limits7.5
- CVE-2026-54279AIOHTTP: Host-Only Cookies Become Domain Cookies After CookieJar Persistence7.5
- CVE-2026-50269AIOHTTP: CRLF injection in multipart headers7.5
- CVE-2026-47265AIOHTTP vulnerable to cross-origin redirect with per-request cookies7.5
- CVE-2026-34993AIOHTTP Vulnerable to Deserialization of Untrusted Data6.4
- CVE-2026-34525AIOHTTP: Duplicate Host header accepted5.3
- CVE-2026-34520AIOHTTP: C parser (llhttp) accepts null bytes and control characters in response header values - header injection / security bypass9.1
- CVE-2026-34519AIOHTTP: HTTP response splitting via \r in reason phrase5.3
- CVE-2026-34518AIOHTTP: Cookie and Proxy-Authorization headers leaked on cross-origin redirect5.3