CVE-2026-21876 is a web application firewall detection bypass vulnerability in the OWASP Core Rule Set (CRS). In CRS versions prior to 4.22.0 and 3.3.8, rule 922110 incorrectly handles multipart HTTP requests containing multiple parts when the first rule in a chain iterates over a collection such as multipart part headers. During iteration, the capture variables used to pass matched data to the chained rule are overwritten on each pass, leaving only the final captured value available for subsequent evaluation. As a result, if an earlier multipart section contains a malicious charset value but a later section contains a benign charset, the chained rule may evaluate only the benign final value and fail to detect the malicious earlier part. An attacker can exploit this logic flaw by crafting multipart requests with multiple parts to evade WAF inspection of encoded malicious payloads.
Mallory correlates every CVE against your assets, your vendors, and active adversary campaigns. Know which vulnerabilities matter for you, not just which ones are loud.
What it means. What to do now. Patch path, mitigations, and the assume-compromise checklist.
What an attacker gets, and what they’ve been doing with it.
If you can’t patch tonight, do this now.
Patch, then assume compromise.
2 valid exploits after Mallory filtered fakes, detection scripts, and README-only repos (1 hidden).
This repository is a small self-contained lab and proof-of-concept for a web XSS issue involving multipart form parsing and charset-based payload decoding. The structure is simple: a docker-compose stack launches an OWASP ModSecurity CRS nginx proxy in front of a custom Flask application; flask/Dockerfile and flask/requirements.txt build the backend; flask/app.py contains the vulnerable logic; POC.txt contains a raw exploit request; README.md explains how to run the lab and trigger the issue. The core vulnerability is in flask/app.py. The /submit route manually parses multipart/form-data using Python's email parser, reads each part's declared charset, decodes attacker-controlled bytes accordingly, and stores the decoded values in a dictionary. Those values are then rendered into HTML using render_template_string with '{{ value | safe }}', explicitly disabling escaping. The provided PoC abuses this by sending a multipart field with Content-Type charset=utf-7 and a UTF-7 encoded <script> payload. After decoding, the payload becomes executable JavaScript in the browser. The sample payload reads the hidden flag from the page element with id 'secret-flag' and displays it. Main exploit capability: client-side code execution in the browser of anyone viewing the rendered response page, demonstrated as DOM data theft. This is a web-to-browser attack path rather than server-side code execution. The proxy/WAF context suggests the lab is intended to demonstrate a WAF bypass angle, where UTF-7 encoded multipart content may evade simplistic filtering while still being decoded by the backend. Repository purpose: to provide a reproducible Docker-based environment for demonstrating and testing this XSS/WAF-bypass scenario. It is a real exploit PoC rather than a scanner or detection script, but it remains proof-of-concept level because the payload is fixed and only demonstrates alert-based exfiltration of a lab flag.
This repository provides a proof-of-concept (PoC) for CVE-2026-21876, a vulnerability in the OWASP ModSecurity Core Rule Set (CRS) that allows WAF bypass via specially crafted multipart/form-data requests. The repository includes a docker-compose setup to deploy a vulnerable ModSecurity CRS (as a reverse proxy) in front of a simple Flask web application. The main exploit is a POST request to the /submit endpoint, where the 'username' field uses a non-standard charset (utf-7) to evade WAF filtering. The Flask app parses multipart/form-data and displays the decoded fields, demonstrating the bypass. The PoC is operational and intended for testing and demonstration purposes in a controlled environment. No detection scripts or fake exploits are present; the code is a working demonstration of the bypass technique.
Products and vendors Mallory has correlated with this vulnerability. Open in Mallory to drill down to specific CPE configurations and version ranges.
Vendor-confirmed product mapping. Mallory continuously reconciles this list against your asset inventory.
31 sources tracked across advisories, community write-ups, and news. New activity surfaces here as Mallory finds it.
A MOVEit WAF bypass vulnerability mentioned only in a vendor security history timeline.
A MOVEit WAF vulnerability mentioned only as background on Progress Software's security history.
A vulnerability in the OWASP Core Rule Set used by web application firewalls that allows remote unauthenticated attackers to bypass WAF detection using a specially crafted multipart HTTP request with an encoded malicious payload.
Query your assets running an affected version, and investigate the blast radius.
Every observed campaign linking this CVE to a named adversary.
Malware families riding this exploit, with evidence and IOCs.
YARA, Sigma, Snort, and vendor rules, auto-deployed to your SIEM.
Cross-references every affected SKU, including bundled OEM variants.
Community discussion across Reddit, Mastodon, and other social sources.