PoC Archive PoC Archive

tag

CRLF-Injection

Medium
curl SMTP EXPN Recipient CRLF Command Injection
None assigned as of 2026-07-03· curl / libcurl (SMTP support) unpatched
Critical
cPanel & WHM Authentication Bypass via Session-File CRLF Injection (CVE-2026-41940)
CVE-2026-41940· cPanel & WHM patched