CVE-2026-24853 - Vulnerability Details - OpenCVE

Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This vulnerability is fixed in 0.55.0.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Caido	Caido

Configuration 1 [-]

cpe:2.3:a:caido:caido:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783

History

Tue, 24 Feb 2026 20:45:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:caido:caido::::::::

Tue, 17 Feb 2026 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Mon, 16 Feb 2026 12:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Caido Caido caido
Vendors & Products		Caido Caido caido

Fri, 13 Feb 2026 22:45:00 +0000

Type	Values Removed	Values Added
Description		Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This vulnerability is fixed in 0.55.0.
Title		Caido has an insufficient patch for DNS rebind leading to RCE
Weaknesses		CWE-290
References		https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783
Metrics		cvssV3_1 `{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2026-02-13T22:19:47.142Z

Updated: 2026-02-17T15:08:07.180Z

Reserved: 2026-01-27T14:51:03.061Z

Link: CVE-2026-24853

Vulnrichment

Updated: 2026-02-17T15:08:02.885Z

NVD

Status : Analyzed

Published: 2026-02-13T23:16:11.800

Modified: 2026-02-24T20:32:18.710

Link: CVE-2026-24853

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-24853", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-27T14:51:03.061Z", "datePublished": "2026-02-13T22:19:47.142Z", "dateUpdated": "2026-02-17T15:08:07.180Z"}, "containers": {"cna": {"title": "Caido has an insufficient patch for DNS rebind leading to RCE", "problemTypes": [{"descriptions": [{"cweId": "CWE-290", "lang": "en", "description": "CWE-290: Authentication Bypass by Spoofing", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783"}], "affected": [{"vendor": "caido", "product": "caido", "versions": [{"version": "< 0.55.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-13T22:19:47.142Z"}, "descriptions": [{"lang": "en", "value": "Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This vulnerability is fixed in 0.55.0."}], "source": {"advisory": "GHSA-3q5q-p8vj-8783", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-17T15:07:30.247005Z", "id": "CVE-2026-24853", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T15:08:07.180Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-24853", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-02-17T15:07:30.247005Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-17T15:08:02.885Z"}}], "cna": {"title": "Caido has an insufficient patch for DNS rebind leading to RCE", "source": {"advisory": "GHSA-3q5q-p8vj-8783", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "caido", "product": "caido", "versions": [{"status": "affected", "version": "< 0.55.0"}]}], "references": [{"url": "https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783", "name": "https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This vulnerability is fixed in 0.55.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-290", "description": "CWE-290: Authentication Bypass by Spoofing"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-02-13T22:19:47.142Z"}}}, "cveMetadata": {"cveId": "CVE-2026-24853", "state": "PUBLISHED", "dateUpdated": "2026-02-17T15:08:07.180Z", "dateReserved": "2026-01-27T14:51:03.061Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-02-13T22:19:47.142Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:caido:caido:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F383B1E-8E9B-445B-8BDD-00C22BACA524", "versionEndExcluding": "0.55.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Caido is a web security auditing toolkit. Prior to 0.55.0, Caido blocks non whitelisted domains to reach out through the 8080 port, and shows Host/IP is not allowed to connect to Caido on all endpoints. But this is bypassable by injecting a X-Forwarded-Host: 127.0.0.1:8080 header. This vulnerability is fixed in 0.55.0."}, {"lang": "es", "value": "Caido es un kit de herramientas de auditor\u00eda de seguridad web. Antes de la versi\u00f3n 0.55.0, Caido bloquea los dominios no incluidos en la lista blanca para acceder a trav\u00e9s del puerto 8080, y muestra 'Host/IP no tiene permiso para conectarse a Caido' en todos los puntos finales. Pero esto es eludible inyectando una cabecera X-Forwarded-Host: 127.0.0.1:8080. Esta vulnerabilidad est\u00e1 corregida en la versi\u00f3n 0.55.0."}], "id": "CVE-2026-24853", "lastModified": "2026-02-24T20:32:18.710", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-02-13T23:16:11.800", "references": [{"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/caido/caido/security/advisories/GHSA-3q5q-p8vj-8783"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-290"}], "source": "security-advisories@github.com", "type": "Primary"}]}