Vulnerability in Elixir-mint Mint

CVE-2026-48861

Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in elixir-mint Mint allows HTTP Request Splitting and HTTP Request Smuggling. In lib/mint/http1/request.ex, the encode_request_line/2 function splices the caller-s…

Vulnerability class: CRLF Injection

EPSS: 0.000 (6.2th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References