Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-33732

srvx is a universal server based on web standards. Prior to version 0.11.13, a pathname parsing discrepancy in srvx's `FastURL` allows middleware bypass on the Node.js adapter when a raw HTTP request uses an absolute URI with a non-standard scheme (e.g. `file://`). Starting in version 0.11.13, the `FastURL` constructor now deopts to native `URL` for any string not starting with `/`, ensuring consistent pathname resolution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.5%
CVSS Severity
CVSS v3 Score 4.8
Products affected by CVE-2026-33732
  • H3 » Srvx » Version: 0.1.0
    cpe:2.3:a:h3:srvx:0.1.0
  • H3 » Srvx » Version: 0.1.1
    cpe:2.3:a:h3:srvx:0.1.1
  • H3 » Srvx » Version: 0.1.2
    cpe:2.3:a:h3:srvx:0.1.2
  • H3 » Srvx » Version: 0.1.3
    cpe:2.3:a:h3:srvx:0.1.3
  • H3 » Srvx » Version: 0.1.4
    cpe:2.3:a:h3:srvx:0.1.4
  • H3 » Srvx » Version: 0.10.0
    cpe:2.3:a:h3:srvx:0.10.0
  • H3 » Srvx » Version: 0.10.1
    cpe:2.3:a:h3:srvx:0.10.1
  • H3 » Srvx » Version: 0.11.0
    cpe:2.3:a:h3:srvx:0.11.0
  • H3 » Srvx » Version: 0.11.1
    cpe:2.3:a:h3:srvx:0.11.1
  • H3 » Srvx » Version: 0.11.10
    cpe:2.3:a:h3:srvx:0.11.10
  • H3 » Srvx » Version: 0.11.11
    cpe:2.3:a:h3:srvx:0.11.11
  • H3 » Srvx » Version: 0.11.12
    cpe:2.3:a:h3:srvx:0.11.12
  • H3 » Srvx » Version: 0.11.2
    cpe:2.3:a:h3:srvx:0.11.2
  • H3 » Srvx » Version: 0.11.3
    cpe:2.3:a:h3:srvx:0.11.3
  • H3 » Srvx » Version: 0.11.4
    cpe:2.3:a:h3:srvx:0.11.4
  • H3 » Srvx » Version: 0.11.5
    cpe:2.3:a:h3:srvx:0.11.5
  • H3 » Srvx » Version: 0.11.6
    cpe:2.3:a:h3:srvx:0.11.6
  • H3 » Srvx » Version: 0.11.7
    cpe:2.3:a:h3:srvx:0.11.7
  • H3 » Srvx » Version: 0.11.8
    cpe:2.3:a:h3:srvx:0.11.8
  • H3 » Srvx » Version: 0.11.9
    cpe:2.3:a:h3:srvx:0.11.9
  • H3 » Srvx » Version: 0.2.0
    cpe:2.3:a:h3:srvx:0.2.0
  • H3 » Srvx » Version: 0.2.1
    cpe:2.3:a:h3:srvx:0.2.1
  • H3 » Srvx » Version: 0.2.2
    cpe:2.3:a:h3:srvx:0.2.2
  • H3 » Srvx » Version: 0.2.3
    cpe:2.3:a:h3:srvx:0.2.3
  • H3 » Srvx » Version: 0.2.4
    cpe:2.3:a:h3:srvx:0.2.4
  • H3 » Srvx » Version: 0.2.5
    cpe:2.3:a:h3:srvx:0.2.5
  • H3 » Srvx » Version: 0.2.6
    cpe:2.3:a:h3:srvx:0.2.6
  • H3 » Srvx » Version: 0.2.7
    cpe:2.3:a:h3:srvx:0.2.7
  • H3 » Srvx » Version: 0.2.8
    cpe:2.3:a:h3:srvx:0.2.8
  • H3 » Srvx » Version: 0.3.0
    cpe:2.3:a:h3:srvx:0.3.0
  • H3 » Srvx » Version: 0.4.0
    cpe:2.3:a:h3:srvx:0.4.0
  • H3 » Srvx » Version: 0.5.0
    cpe:2.3:a:h3:srvx:0.5.0
  • H3 » Srvx » Version: 0.5.1
    cpe:2.3:a:h3:srvx:0.5.1
  • H3 » Srvx » Version: 0.5.2
    cpe:2.3:a:h3:srvx:0.5.2
  • H3 » Srvx » Version: 0.6.0
    cpe:2.3:a:h3:srvx:0.6.0
  • H3 » Srvx » Version: 0.7.0
    cpe:2.3:a:h3:srvx:0.7.0
  • H3 » Srvx » Version: 0.7.1
    cpe:2.3:a:h3:srvx:0.7.1
  • H3 » Srvx » Version: 0.7.2
    cpe:2.3:a:h3:srvx:0.7.2
  • H3 » Srvx » Version: 0.7.3
    cpe:2.3:a:h3:srvx:0.7.3
  • H3 » Srvx » Version: 0.7.4
    cpe:2.3:a:h3:srvx:0.7.4
  • H3 » Srvx » Version: 0.7.5
    cpe:2.3:a:h3:srvx:0.7.5
  • H3 » Srvx » Version: 0.8.0
    cpe:2.3:a:h3:srvx:0.8.0
  • H3 » Srvx » Version: 0.8.1
    cpe:2.3:a:h3:srvx:0.8.1
  • H3 » Srvx » Version: 0.8.10
    cpe:2.3:a:h3:srvx:0.8.10
  • H3 » Srvx » Version: 0.8.11
    cpe:2.3:a:h3:srvx:0.8.11
  • H3 » Srvx » Version: 0.8.12
    cpe:2.3:a:h3:srvx:0.8.12
  • H3 » Srvx » Version: 0.8.13
    cpe:2.3:a:h3:srvx:0.8.13
  • H3 » Srvx » Version: 0.8.14
    cpe:2.3:a:h3:srvx:0.8.14
  • H3 » Srvx » Version: 0.8.15
    cpe:2.3:a:h3:srvx:0.8.15
  • H3 » Srvx » Version: 0.8.16
    cpe:2.3:a:h3:srvx:0.8.16
  • H3 » Srvx » Version: 0.8.2
    cpe:2.3:a:h3:srvx:0.8.2
  • H3 » Srvx » Version: 0.8.3
    cpe:2.3:a:h3:srvx:0.8.3
  • H3 » Srvx » Version: 0.8.4
    cpe:2.3:a:h3:srvx:0.8.4
  • H3 » Srvx » Version: 0.8.5
    cpe:2.3:a:h3:srvx:0.8.5
  • H3 » Srvx » Version: 0.8.6
    cpe:2.3:a:h3:srvx:0.8.6
  • H3 » Srvx » Version: 0.8.7
    cpe:2.3:a:h3:srvx:0.8.7
  • H3 » Srvx » Version: 0.8.8
    cpe:2.3:a:h3:srvx:0.8.8
  • H3 » Srvx » Version: 0.8.9
    cpe:2.3:a:h3:srvx:0.8.9
  • H3 » Srvx » Version: 0.9.0
    cpe:2.3:a:h3:srvx:0.9.0
  • H3 » Srvx » Version: 0.9.1
    cpe:2.3:a:h3:srvx:0.9.1
  • H3 » Srvx » Version: 0.9.2
    cpe:2.3:a:h3:srvx:0.9.2
  • H3 » Srvx » Version: 0.9.3
    cpe:2.3:a:h3:srvx:0.9.3
  • H3 » Srvx » Version: 0.9.4
    cpe:2.3:a:h3:srvx:0.9.4
  • H3 » Srvx » Version: 0.9.5
    cpe:2.3:a:h3:srvx:0.9.5
  • H3 » Srvx » Version: 0.9.6
    cpe:2.3:a:h3:srvx:0.9.6
  • H3 » Srvx » Version: 0.9.7
    cpe:2.3:a:h3:srvx:0.9.7
  • H3 » Srvx » Version: 0.9.8
    cpe:2.3:a:h3:srvx:0.9.8


Products
Pricing
Contact Us

Shodan ® - All rights reserved