CVE-2026-34520 | aio-libs aiohttp up to 3.13.3 Control Character response splitting (GHSA-63hf-3vf5-4wqf)

A vulnerability marked as problematic has been reported in aio-libs aiohttp up to 3.13.3. Affected is an unknown function of the component Control Character Handler. Performing a manipulation results in http response splitting.

This vulnerability is identified as CVE-2026-34520. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More