CVE-2026-34835Improper Validation of Syntactic Correctness of Input in Rack

CWE-1286Improper Validation of Syntactic Correctness of Input394 documents8 sources
Severity
6.5MEDIUMNVD
CNA4.8
EPSS
0.1%
top 71.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Rack
Timeline
PublishedApr 2
Latest updateApr 17

Description

Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before 3.1.21, and 3.2.0 to before 3.2.6, Rack::Request parses the Host header using an AUTHORITY regular expression that accepts characters not permitted in RFC-compliant hostnames, including /, ?, #, and @. Because req.host returns the full parsed value, applications that validate hosts using naive prefix or suffix checks can be bypassed. This can lead to host header poisoning in applications that use req.host, req.url,

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 3.9 | Impact: 2.5

Affected Packages3 packages

NVDrack/rack3.0.03.1.21+1
RubyGemsrack/rack3.0.0.beta13.1.21+1
CVEListV5rack/rack>= 3.0.0.beta1, < 3.1.21, >= 3.2.0, < 3.2.6+1

🔴Vulnerability Details

5
OSV
CVE-2026-34835: (Rack is a modular Ruby web server interface2026-04-03
GHSA
Rack::Request accepts invalid Host characters, enabling host allowlist bypass2026-04-02
OSV
Rack::Request accepts invalid Host characters, enabling host allowlist bypass2026-04-02
CVEList
Rack: `Rack::Request` accepts invalid Host characters, enabling host allowlist bypass.2026-04-02
OSV
CVE-2026-34835: Rack is a modular Ruby web server interface2026-04-02

📋Vendor Advisories

3
Ubuntu
Rack vulnerabilities2026-04-17
Red Hat
rack: Rack: Host header poisoning due to malformed Host header bypasses validation2026-04-02
Debian
CVE-2026-34835: ruby-rack - Rack is a modular Ruby web server interface. From versions 3.0.0.beta1 to before...2026

🕵️Threat Intelligence

385
Wiz
CVE-2026-33635 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-24853 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2025-9293 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-33542 Impact, Exploitability, and Mitigation Steps | Wiz
Wiz
CVE-2026-28363 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-34835 — Rack vulnerability | cvebase