Cyber Posture

CVE-2026-33149

Severity: High · Public PoC

Published: 26 March 2026
Modified: 23 April 2026
KEV Added: not listed
Patch: unknown
CVSS Score: 8.1 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N)
EPSS Score: 0.0004 (13.8th percentile)
Risk Priority: 16 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-33149 is a high-severity Improper Neutralization of HTTP Headers for Scripting Syntax (CWE-644) vulnerability in Tandoor Recipes. Its CVSS base score is 8.1 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked at the 13.8th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

CM-6 Configuration Settings (prevent): Enforces secure configuration settings such as restricting ALLOWED_HOSTS to validated hosts, directly preventing acceptance of arbitrary Host headers.

SI-10 Information Input Validation (prevent): Requires validation of HTTP Host header inputs to block crafted values used to poison server-generated absolute URLs like invite links.

Flaw remediation (prevent): Mandates timely remediation of flaws like improper Host header handling in Tandoor Recipes, including patching or configuration fixes.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

The CVE describes a remotely exploitable vulnerability in a public-facing web application (Django-based Tandoor Recipes) allowing crafted Host headers to poison generated absolute URLs and steal invite tokens; this directly enables initial access via exploitation of the public-facing app per T1190.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '*' by default, which causes Django to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_uri() to generate absolute URLs in multiple contexts, including invite link emails, API pagination, and OpenAPI schema generation. An attacker who can send requests to the application with a crafted Host header can manipulate all server-generated absolute URLs. The most critical impact is invite link poisoning: when an admin creates an invite and the application sends the invite email, the link points to the attacker's server instead of the real application. When the victim clicks the link, the invite token is sent to the attacker, who can then use it at the real application. As of time of publication, it is unknown if a patched version is available.

Deeper analysis

CVE-2026-33149 affects Tandoor Recipes, an open-source application for managing recipes, planning meals, and building shopping lists, in versions up to and including 2.5.3. The vulnerability arises from the default configuration setting ALLOWED_HOSTS = '*', which causes the underlying Django framework to accept any value in the HTTP Host header without validation. The application uses request.build_absolute_uri() to generate absolute URLs in multiple contexts, including invite link emails, API pagination, and OpenAPI schema generation, enabling manipulation of these URLs via a crafted Host header.

An attacker who can send requests to the application with a crafted Host header can manipulate all server-generated absolute URLs. The most critical impact is invite link poisoning: when an admin creates an invite and the application sends the invite email, the link points to the attacker's server instead of the real application. When the victim clicks the link, the invite token is sent to the attacker, who can then use it at the real application to claim the invite. The CVSS v3.1 base score is 8.1 (AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N), mapped to CWE-644.

The primary reference is the GitHub security advisory at https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-x636-4jx6-xc4w. As of the CVE publication date of 2026-03-26T19:17:02.967, it is unknown if a patched version is available.
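The ALLOWED_HOSTS behaviour described in the NVD description and the analysis above, as an added Python illustration that is not Tandoor or Django code: it re-implements the gist of Django's host check (the real one is django.http.request.validate_host) and a build_absolute_uri()-style invite link, showing that the '*' default lets any Host value become the link's authority while a pinned host list rejects it with the equivalent of DisallowedHost. The host names, invite path and token are constructed placeholders.

```python
import re

# Constructed placeholders: the deployment's real host and an invite path/token.
REAL_HOST = "recipes.example.internal"
INVITE_PATH = "/invite/abc123"

def split_host_port(host_header):
    """Lower-case the host and drop an optional :port (bracketed IPv6 kept whole)."""
    m = re.match(r"^(\[[^\]]+\]|[^:]+)(?::\d+)?$", host_header.strip())
    return m.group(1).lower() if m else None

def validate_host(host_header, allowed_hosts):
    """Simplified Django-style check: '*' matches anything, a leading '.' matches
    a domain plus its subdomains, anything else must match exactly."""
    host = split_host_port(host_header)
    if host is None:
        return False
    for pattern in allowed_hosts:
        pattern = pattern.lower()
        if pattern == "*" or pattern == host:
            return True
        if pattern.startswith(".") and (host == pattern[1:] or host.endswith(pattern)):
            return True
    return False

def build_invite_url(host_header, allowed_hosts, scheme="https"):
    """Mimic build_absolute_uri(): the Host header supplies the URL authority.
    Django answers a rejected Host with DisallowedHost (HTTP 400); we raise instead."""
    if not validate_host(host_header, allowed_hosts):
        raise ValueError("DisallowedHost: " + host_header)
    return f"{scheme}://{host_header}{INVITE_PATH}"

def demo():
    """Weak default beside the hardened setting, on the same untrusted Host value."""
    weak = ["*"]                    # Tandoor <= 2.5.3 default
    hardened = [REAL_HOST]          # CM-6: pin the deployment's real host(s)
    untrusted = "attacker.example"  # constructed value supplied by a client
    poisoned = build_invite_url(untrusted, weak)   # link now points off-site
    try:
        build_invite_url(untrusted, hardened)
        blocked = False
    except ValueError:
        blocked = True
    return poisoned, blocked, build_invite_url(REAL_HOST, hardened)

if __name__ == "__main__":
    print(demo())
```

A quick deployment check is to confirm the running settings list only the hosts the invite emails should ever carry; with the pinned list, a request bearing any other Host value fails before any absolute URL is built.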

Details

CWE(s): CWE-644 (Improper Neutralization of HTTP Headers for Scripting Syntax)

Affected Products: tandoor / recipes, versions ≤ 2.5.3

CVEs Like This One

CVE-2025-23211 (same product: Tandoor Recipes)
CVE-2026-35489 (same product: Tandoor Recipes)
CVE-2026-33152 (same product: Tandoor Recipes)
CVE-2026-35045 (same product: Tandoor Recipes)
CVE-2026-35488 (same product: Tandoor Recipes)
CVE-2026-25991 (same product: Tandoor Recipes)
CVE-2025-23212 (same product: Tandoor Recipes)
CVE-2025-23213 (same product: Tandoor Recipes)
CVE-2025-64425 (shared CWE-644)
CVE-2025-70948 (shared CWE-644)

References

GitHub security advisory: https://github.com/TandoorRecipes/recipes/security/advisories/GHSA-x636-4jx6-xc4w