CVE-2026-16117 | fastify http-proxy up to 11.5.0 Prefix Rewrite request.url replace prefix input validation

SecurityVulns

A vulnerability was found in fastify http-proxy up to 11.5.0. It has been classified as critical. Impacted is the function replace of the file request.url of the component Prefix Rewrite. This manipulation of the argument prefix causes improper input validation.

This vulnerability is tracked as CVE-2026-16117. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More