1. CVE-2026-42606: AzuraCast Radio Suite Exposed by Trusted Header Flaw in Pre-0.23.6 Versions
A high-severity vulnerability tracked as CVE-2026-42606 has been disclosed in AzuraCast, a widely used self-hosted web radio management suite. Rated 8.1 on the CVSS scale, the flaw stems from the ApplyXForwarded middleware, which unconditionally trusts the client-supplied X-Forwarded-Host HTTP header without validating...