CVSS 8.2 HIGH Vulnerability

CVE-2026-50194: Steeltoe vulnerable to management-port isolation bypass via spoofed Host header


CVSS Score: 8.2
Severity: HIGH
CISA KEV: NO
Impact Type: Vulnerability

📋 Vulnerability Details

CVE ID: CVE-2026-50194
Vendor: nuget
Affected Product: Steeltoe.Management.Endpoint
Vulnerability Type: Vulnerability
CVSS Score: 8.2 (HIGH)
Actively Exploited: ❌ No known exploitation
Patch Status: See Vendor Advisory →
Reported By: CYBERDUDEBIVASH SENTINEL APEX Intelligence (via github_advisories)

🔬 Technical Analysis

Summary: When Steeltoe management endpoints are configured to listen on an alternate port (Management:Endpoints:Port is configured), the middleware responsible for restricting access to the endpoints decides whether a request came in on the management port by looking at the client-supplied Host HTTP header rather than the local port of the network socket the request actually arrived on.

Impact: An unauthenticated remote attacker can reach every actuator endpoint using a specially crafted HTTP request.

Affected configuration:
• The application's public port is accessible from the network.
• Management:Endpoints:Port is configured to a value different from the application's main listener port.
• The request scheme matches Management:Endpoints:SslEnabled: http when SslEnabled is false (the default), or https when SslEnabled is true.
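The root cause described above is a port check that reads a value the client controls. The following ASP.NET Core middleware is an added illustration written for this page; it is not Steeltoe's code, and the option names, the ManagementPortOptions class, the "/actuator" path prefix and the method names are assumptions. It shows the weak check (trusting Request.Host, which is populated from the Host header) next to the corrected check (trusting HttpContext.Connection.LocalPort, which the server reads from its own socket), so that a reviewer can recognise the pattern in other codebases.

```csharp
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;

// Hypothetical settings object standing in for the two configuration keys named in the advisory.
public sealed class ManagementPortOptions
{
    public int? Port { get; set; }          // Management:Endpoints:Port (null = served on the main port)
    public bool SslEnabled { get; set; }    // Management:Endpoints:SslEnabled
}

public static class ManagementPortCheck
{
    // WEAK PATTERN: Request.Host is copied from the client-supplied Host header.
    // Any client that can reach the public listener can present a Host header whose
    // port matches the management port, so this check isolates nothing.
    public static bool IsOnManagementPortViaHostHeader(HttpRequest request, ManagementPortOptions options)
    {
        if (options.Port is null) return true;                       // no separate port configured
        bool schemeMatches = options.SslEnabled ? request.IsHttps : !request.IsHttps;
        return schemeMatches && request.Host.Port == options.Port;   // attacker-controlled input
    }

    // CORRECTED PATTERN: Connection.LocalPort is the port of the TCP socket the request
    // arrived on. It is set by the server from the accepted connection, not by the client.
    public static bool IsOnManagementPortViaSocket(HttpContext context, ManagementPortOptions options)
    {
        if (options.Port is null) return true;
        bool schemeMatches = options.SslEnabled ? context.Request.IsHttps : !context.Request.IsHttps;
        return schemeMatches && context.Connection.LocalPort == options.Port;
    }
}

// Middleware that hides management endpoints from requests that did not arrive on the dedicated port.
public sealed class ManagementPortMiddleware
{
    private readonly RequestDelegate _next;
    private readonly ManagementPortOptions _options;

    public ManagementPortMiddleware(RequestDelegate next, ManagementPortOptions options)
    {
        _next = next;
        _options = options;
    }

    public async Task InvokeAsync(HttpContext context)
    {
        // "/actuator" is an assumed base path for the management endpoints.
        if (context.Request.Path.StartsWithSegments("/actuator")
            && !ManagementPortCheck.IsOnManagementPortViaSocket(context, _options))
        {
            // Respond as if the endpoint did not exist on this listener.
            context.Response.StatusCode = StatusCodes.Status404NotFound;
            return;
        }

        await _next(context);
    }
}
```

Two caveats when applying the corrected pattern. First, behind a reverse proxy or load balancer, Connection.LocalPort reflects the proxy-to-application hop, so the management port must be kept off the proxy's public route rather than relied on as the sole control. Second, X-Forwarded-Host and X-Forwarded-Port are just as client-controlled as Host unless the forwarded-headers middleware is configured to accept them only from known proxies, so they must not be substituted back into the port check.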

Mitigations: If an immediate

📚 Advisory References

