High severity8.3NVD Advisory· Published May 13, 2026· Updated May 14, 2026
CVE-2026-32993
CVE-2026-32993
Description
Improper sanitization of the status query parameter of the /unprotected/nova_error endpoint allows unauthenticated attacker to inject arbitrary HTTP header to the response.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.