CVE-2026-26234 – JUNG Smart Visu Server – Improper Neutralization of HTTP Headers for Scripting Syntax

CVE ID : CVE-2026-26234

Published : Feb. 12, 2026, 2:31 a.m. | 1 hour, 54 minutes ago

Description : JUNG Smart Visu Server 1.1.1050 contains a request header manipulation vulnerability that allows unauthenticated attackers to override request URLs by injecting arbitrary values in the X-Forwarded-Host header. Attackers can manipulate proxied requests to generate tainted responses, enabling cache poisoning, potential phishing, and redirecting users to malicious domains.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…