1. Tinyproxy 1.11.3 HTTP Request Parsing Desynchronization Vulnerability (CVE-2026-31842)
A critical vulnerability in Tinyproxy, tracked as CVE-2026-31842, exposes the proxy server to HTTP request parsing desynchronization attacks. The flaw stems from a case-sensitive comparison of the Transfer-Encoding header, allowing a remote, unauthenticated attacker to manipulate how the server interprets and forwards ...