CVE-2026-44928 LOW

CVE-2026-44928

Vendor Uriparser
Product uriparser
Weakness CWE-670
Published May 8, 2026
Last update May 10, 2026

CVSS base score

2.9/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal.

Key dates

02Disclosure timeline

May 8, 2026 CVE published
May 10, 2026 Record updated