CVE-2026-4742

Source
https://cve.org/CVERecord?id=CVE-2026-4742
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4742.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-4742
Published
2026-03-24T03:24:06.460Z
Modified
2026-07-08T08:13:48.060663340Z
Severity
  • 2.9 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:N/E:P/S:N/AU:N/R:U/V:D/RE:L/U:Green CVSS Calculator
Summary
HTTP Request Smuggling in visualfc/liteide
Details

Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in visualfc liteide (liteidex/src/3rdparty/qjsonrpc/src/http-parser modules). This vulnerability is associated with program files http_parser.C.

This issue affects liteide: before x38.4.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/4xxx/CVE-2026-4742.json",
    "cna_assigner": "GovTech CSG",
    "cwe_ids": [
        "CWE-444"
    ]
}
References

Affected packages

Git / github.com/visualfc/liteide

Affected ranges

Type
GIT
Repo
https://github.com/visualfc/liteide
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "DESCRIPTION"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "x38.4"
        }
    ]
}

Affected versions

Other
X25
x15
x16
x17
x18
x19
x25
x26
x27
x28
x29
x30
x31
x32
x33
x34
x35
x36
x37
x15.*
x15.1
x15.2
x18.*
x18.1
x18.2
x25.*
x25.1
x25.2
x27.*
x27.1
x27.2
x27.2.1
x30.*
x30.1
x30.2
x30.3
x31.*
x31.1
x32.*
x32.1
x32.2
x33.*
x33.1
x33.2
x33.3
x34.*
x34.1
x34.2
x34.3
x35.*
x35.1
x35.2
x35.3
x35.4
x35.5
x36.*
x36.1
x36.2
x36.3
x37.*
x37.1
x37.2
x37.3
x37.4
x38.*
x38.0
x38.1
x38.2
x38.2.1
x38.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4742.json"