CVE-2026-54276 Overview
CVE-2026-54276 affects aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. The flaw resides in DigestAuthMiddleware, which prior to version 3.14.1 sends an authentication response after following a cross-origin redirect. An attacker who controls a redirect destination, or who can abuse an open redirect on the original target domain, can receive the digest authentication response intended for a different origin. The issue is classified as Information Exposure under [CWE-200]. The vulnerability is fixed in aiohttp 3.14.1.
Critical Impact
Attackers receiving the leaked digest can recover user credentials only if weak cryptography or password reuse is present, limiting practical exploitation.
Affected Products
- aiohttp versions prior to 3.14.1
- Python applications using DigestAuthMiddleware for HTTP digest authentication
- Client workflows that follow cross-origin redirects with cached digest credentials
Discovery Timeline
- 2026-06-22 - CVE-2026-54276 published to NVD
- 2026-06-23 - Last updated in NVD database
Technical Details for CVE-2026-54276
Vulnerability Analysis
The aiohttp client supports HTTP Digest Access Authentication through DigestAuthMiddleware, which automatically replays authentication challenges defined in RFC 7616. Before version 3.14.1, the middleware did not pin digest credentials to the origin of the initial request. When the client followed a redirect to a different scheme, host, or port, the middleware computed and transmitted a digest authorization response using credentials intended for the original origin. The leaked value is the digest hash, not the cleartext password.
Root Cause
The middleware lacked origin scoping for cached credentials. RFC 7616 defines a domain directive that bounds the protection space for digest credentials, but the implementation did not enforce this boundary on redirects. Any 3xx response that pointed at an attacker-controlled origin caused the next request to carry an unsolicited Authorization: Digest header derived from the original server's nonce and the user's secret.
Attack Vector
Exploitation requires the attacker to influence the redirect target reached by the aiohttp client. This typically depends on an open redirect on the legitimate target domain or on attacker-controlled responses during a man-in-the-middle scenario. After receiving the digest response, the attacker can attempt offline cracking against the hash. Recovery of plaintext credentials only succeeds when weak hashing or password reuse is present.
- Includes replay attack protection with client nonce count tracking
- Supports preemptive authentication per RFC 7616 Section 3.6
+ Origin scoping:
+ The credentials are scoped to the origin of the first request the
+ middleware handles. A request to a different origin is passed through
+ untouched, so it never receives a digest response computed from those
+ credentials, unless that origin falls within a protection space the
+ anchor origin advertised through the RFC 7616 ``domain`` directive. Make
+ the first request through the middleware against the intended origin, as
+ the anchor is pinned to it and not reset for the life of the instance.
+
Standards compliance:
- RFC 7616: HTTP Digest Access Authentication (primary reference)
- RFC 2617: HTTP Authentication (deprecated by RFC 7616)
Source: aiohttp commit 38d16060
Detection Methods for CVE-2026-54276
Indicators of Compromise
- Outbound HTTP requests carrying an Authorization: Digest header directed at domains other than the intended authentication endpoint.
- 3xx redirect responses from trusted endpoints whose Location header points to external or attacker-controlled hosts.
- aiohttp client logs showing redirect chains that cross origin boundaries while digest authentication is active.
Detection Strategies
- Inventory Python services using aiohttp and confirm whether DigestAuthMiddleware is enabled, then verify the installed version against 3.14.1.
- Inspect application code for use of follow_redirects=True combined with digest authentication.
- Review proxy and egress logs for Authorization: Digest headers sent to unexpected destinations.
Monitoring Recommendations
- Alert on cross-origin redirects originating from internal services that use digest authentication.
- Track installed versions of aiohttp across managed hosts and CI/CD pipelines via SBOM or dependency scanning.
- Monitor for new open redirect findings on partner or upstream domains accessed by aiohttp clients.
How to Mitigate CVE-2026-54276
Immediate Actions Required
- Upgrade aiohttp to version 3.14.1 or later across all production, development, and container images.
- Audit dependency manifests (requirements.txt, pyproject.toml, poetry.lock) and rebuild containers that pin older versions.
- Rotate any credentials that may have transited cross-origin redirects through vulnerable clients.
Patch Information
The fix scopes digest credentials to the origin of the first request handled by the middleware. Requests to a different origin pass through without an Authorization header unless that origin falls within the RFC 7616 domain directive advertised by the anchor origin. See the aiohttp GitHub Security Advisory GHSA-hpj7-wq8m-9hgp and the aiohttp commit 38d16060.
Workarounds
- Disable automatic redirect following on aiohttp clients that use digest authentication by setting allow_redirects=False.
- Replace DigestAuthMiddleware with explicit per-request authentication that validates the destination URL before sending credentials.
- Enforce egress allowlists so clients cannot follow redirects to untrusted external domains.
# Upgrade aiohttp to the patched release
pip install --upgrade "aiohttp>=3.14.1"
# Verify the installed version
python -c "import aiohttp; print(aiohttp.__version__)"
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

