CVE Tools
Sign in

CVE-2026-47075

CR/LF injection in query parameter in hackney

Published: May 25, 2026Updated: May 28, 2026 Sources: CVE List NVDCWE-93
NVD MITRE
7.5CVSSHIGH
EPSS Score
0.4%
Top 69.1%
CISA KEV
Not in KEV
Exploits
No Known Exploits
Remediation
Patch Available

Description

Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Splitting. hackney does not percent-encode carriage return (\r) or line feed (\n) characters in the URL query component before constructing the HTTP/1.1 request target. Characters outside the grammar defined in RFC 3986 Section 3.4 must be percent-encoded, but hackney_url:make_url/3 passes the query binary directly without validation or escaping. An attacker who can control all or part of a URL passed to hackney can inject raw CRLF sequences into the query string, which are then sent as HTTP line breaks in the request target. This enables injection of arbitrary HTTP headers or splitting of the HTTP request. This issue affects hackney: from 0 before 4.0.1.

CVSS Vector Breakdown

AV:NAC:LPR:NUI:NS:UC:NI:HA:N
Exploitability
AV:NAttack Vector
Network
AC:LAttack Complexity
Low
PR:NPrivileges Required
None
UI:NUser Interaction
None
Scope
S:UScope
Unchanged
Impact
C:NConfidentiality
None
I:HIntegrity
High
A:NAvailability
None
Open in CVSS calculator →

Weaknesses

CWE-93

Affected Products

hackneybenoitc
Library
OSS Libraries / web-framework
benoitcoss-projectOSS Librariesaka benoitc/gunicorn, hackney, gunicorn

Exploitability

Official Patch Available

References

https://cna.erlef.org/cves/CVE-2026-47075.html
cna.erlef.org
https://github.com/benoitc/hackney/commit/ca73dd0aba0ed557449c18288bf07241671a43c9
github.com
https://github.com/benoitc/hackney/security/advisories/GHSA-j9wq-vxxc-94wf
github.com
and 1 more references View all →

Timeline

Published
May 25, 2026
Last Updated
May 28, 2026

Unlock Complete Vulnerability Intelligence

Get the full picture for CVE-2026-47075 and every CVE in our database. Create a free account — no credit card required.

Create Free Account
Plain-language analysis
Impact assessment and exploitation scenario in plain English
Attack graph visualization
Interactive attack path and kill chain mapping
Exploit details & PoC links
ExploitDB, Metasploit, GitHub PoCs with direct links
Nuclei scanner templates
Ready-to-use vulnerability scanner templates
Full remediation guide
Patch instructions, workarounds, and compliance impact
Interactive AI chat
Ask questions about this vulnerability in natural language
Related vulnerabilities
Semantically similar CVEs and attack patterns
REST API & MCP access
Integrate vulnerability data into your workflows