By weakness (CWE)
CWE-1023: related vulnerabilities
CVEs classified under CWE-1023. Understanding the weakness class helps prioritize systemic fixes over one-off patches.
1 published vulnerability
- CVE-2026-48587LOW 3.1
Django's cache handling function has a flaw where whitespace in HTTP Vary headers isn't properly cleaned up before comparison. An attacker can exploit this by crafting requests that cause the application to serve cached responses intended for different users, potentially leaking sensitive information. The vulnerability affects Django 5.2 before version 5.2.15 and 6.0 before version 6.0.6, though older unsupported versions may also be vulnerable.