CVE-2026-48587 | Django up to 5.2.14/6.0.5 Response Header django.utils.cache.has_vary_header incomplete comparison with missing factors

SecurityVulns

A vulnerability marked as problematic has been reported in Django up to 5.2.14/6.0.5. Affected by this issue is the function django.utils.cache.has_vary_header of the component Response Header Handler. Performing a manipulation results in incomplete comparison with missing factors.

This vulnerability is reported as CVE-2026-48587. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More