A vulnerability marked as problematic has been reported in Django up to 5.2.14/6.0.5 . Affected by this issue is the function django.utils.cache.has_vary_header of the component Response Header Handler . Performing a manipulation results in incomplete comparison with missing factors. This vulnerability is reported as CVE-2026-48587 . The attack is possible to be carried out remotely. No exploit exists. It is suggested to upgrade the affected component.