HIGH
hapifhir
CVE published 2026-03-20
CVE-2026-33180
CVE-2026-33180 is a high-severity vulnerability in HAPI FHIR, a Java implementation of the HL7 FHIR standard for healthcare interoperability. The issue arises from the internal HTTP client sending headers to subsequent hosts when following redirects, potentially exposing sensitive information. This vulnerability has been patched in release 6.9.0. Users are advised to update to the latest version to mitiga [truncated]