CVE-2026-34525

Published April 1st, 2026

View on NVD ↗

CVSS v3

5.3

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4.

aio-libs/aiohttp

Asynchronous HTTP client/server framework for asyncio and Python

GitHub

16.4K