News

Application security news, updated daily (if there is any news to share).

Pingora fixes critical HTTP request smuggling in HTTP/1.0 and Transfer-Encoding parsing (CVE-2026-2835)

Cloudflare-published CVE-2026-2835 describes a critical Pingora request smuggling flaw that can desync proxy/backend request framing; upgrade to Pingora 0.8.0+.

NewsWeb SecurityInfrastructure

Yesterday

Loading news…

Content is AI-assisted and reviewed by our team, but issues may be missed and best practices evolve rapidly, send corrections to [email protected]. Always consult official documentation and validate key implementation decisions before making design or security choices.