CVE-2026-6994: Envoy Query Parameter header_mutation.cc params.add injection

Q: What is the severity of CVE-2026-6994?

CVE-2026-6994 is considered a moderate severity vulnerability due to its potential for query parameter injection.

Q: How do I fix CVE-2026-6994?

To mitigate CVE-2026-6994, upgrade Envoy to version 1.34.0 or later, which addresses this vulnerability.

Q: What software is affected by CVE-2026-6994?

CVE-2026-6994 affects Envoy versions up to and including 1.33.0.

Q: What type of vulnerability is CVE-2026-6994?

CVE-2026-6994 is a weakness in the Query Parameter Handler related to potential injection attacks.

Q: How does CVE-2026-6994 impact security?

CVE-2026-6994 can allow attackers to manipulate HTTP headers, potentially leading to unauthorized access or data exfiltration.

Published Apr 25, 2026

Updated

A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter Handler. This manipulation causes injection. Remote exploitation of the attack is possible. Patch name: f8f4f1e02fdc64ecd4acf2d903208dd7285ad3a4. It is suggested to install a patch to address this issue.

Affected Software

1 affected component

Envoy Envoy<=1.33.0

Event History

Apr 25, 2026

CVE Published

via MITRE·07:00 PM

Data Sourced

via MITRE·07:00 PM

DescriptionSeverityWeakness

Data Sourced

via NVD·07:16 PM

DescriptionSeverityWeakness

Jun 27, 58285

Event

via NVD·06:44 AM

Frequently Asked Questions

What is the severity of CVE-2026-6994?

CVE-2026-6994 is considered a moderate severity vulnerability due to its potential for query parameter injection.

How do I fix CVE-2026-6994?

To mitigate CVE-2026-6994, upgrade Envoy to version 1.34.0 or later, which addresses this vulnerability.

What software is affected by CVE-2026-6994?

CVE-2026-6994 affects Envoy versions up to and including 1.33.0.

What type of vulnerability is CVE-2026-6994?

CVE-2026-6994 is a weakness in the Query Parameter Handler related to potential injection attacks.

How does CVE-2026-6994 impact security?

CVE-2026-6994 can allow attackers to manipulate HTTP headers, potentially leading to unauthorized access or data exfiltration.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.