Vulnerability in Dadrus Heimdall

CVE-2026-42272

Heimdall is a cloud native Identity Aware Proxy and Access Control Decision service. Prior to version 0.17.14, Heimdall handles URL-encoded slashes (%2F) in a case-sensitive manner, while percent-encoding is defined to be case-insensitive…

EPSS: 0.000 (4.9th percentile) — read the EPSS interpretation.