[MEDIUM] guzzlehttp/psr7 has Host Confusion via Authority Reinterpretation

PKSA-jj5t-2zs1-dcfm CVE-2026-48998 GHSA-34xg-wgjx-8xph

Affected version: <2.10.2

Reported by:
GitHub

[MEDIUM] guzzlehttp/psr7 has CRLF Injection via URI Host Component

PKSA-gm5x-j3mz-71n9 CVE-2026-49214 GHSA-hq7v-mx3g-29hw

Affected version: <2.10.2

Reported by:
GitHub