11 Total advisories
11 Vulnerabilities
0 Malware
Vulnerabilities
HIGH 8.1
CVE-2026-48060
Litestar has HTML Injection Through its CSRF Token
MEDIUM 5.9
CVE-2026-48061
Litestar: AllowedHostsMiddleware bypasses host validation via client-controlled X-Forwarded-Host header
HIGH 7.5
CVE-2024-52581
Litestar allows unbounded resource consumption (DoS vulnerability)
HIGH 7.5
CVE-2024-52581
CVE-2024-52581
HIGH 7.4
CVE-2026-25478
Litestar's CORS origin allowlist has a bypass due to unescaped regex metacharacters in allowed origins
MEDIUM 6.5
CVE-2026-25480
Litestar's FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD)
MEDIUM 6.5
CVE-2026-25479
Litestar's AllowedHosts has a validation bypass due to unescaped regex metacharacters in configured host patterns
HIGH 7.5
CVE-2025-59152
Litestar X-Forwarded-For Header Spoofing Vulnerability Enables Rate Limit Evasion
LOW 3.7
GHSA-674p-xv2x-rf3g
Litestar has potential log injection in exception logging
HIGH 8.3
CVE-2024-42370
Withdrawn Advisory: Litestar has an environment Variable injection in `docs-preview.yml` workflow
HIGH 8.2
CVE-2024-32982
Litestar and Starlite vulnerable to Path Traversal