CVE-2026-2053: WSO2 API Manager WS-Addressing Header Manipulation Vulnerability
A critical vulnerability (CVE-2026-2053) in WSO2 API Manager's message flow component allows unauthenticated attackers to manipulate WS-Addressing headers, potentially leading to unauthorized access to internal network resources. The vulnerability has a CVSS score of 8.3 and is considered high severity. Affected versions include WSO2 API Manager 3.1.0 to 4.2.0. Immediate patching is recommended.