VYPR

LWP::UserAgent

by LWP

CVEs (1)

  • CVE-2026-8368MedMay 12, 2026
    risk 0.35cvss 6.5epss 0.00

    LWP::UserAgent versions before 6.83 for Perl leak Authorization and Proxy-Authorization headers on cross-origin redirects. On a 3xx response, the redirect handler strips only Host and Cookie before issuing the follow-up request. Caller-supplied Authorization and…