A vulnerability was found in Axios 1.15.2 . It has been classified as problematic . Affected by this vulnerability is the function setProxy in the library lib/adapters/http.js . The manipulation leads to http response splitting. This vulnerability is listed as CVE-2026-44489 . The attack may be initiated remotely. There is no available exploit. Upgrading the affected component is recommended.