CVE-2026-34525 | aio-libs aiohttp up to 3.13.3 Header Host input validation (GHSA-c427-h43c-vf67)

A vulnerability described as problematic has been identified in aio-libs aiohttp up to 3.13.3. Affected by this vulnerability is an unknown functionality of the component Header Handler. Executing a manipulation of the argument Host can lead to improper input validation.

This vulnerability is tracked as CVE-2026-34525. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.VulDB Recent EntriesRead More