CVE-2026-6324 in libsoupinformación

Resumen

por MITRE • 2026-05-29

A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a non-libsoup backend server. Successful exploitation can allow an attacker to bypass security controls, poison web caches, or gain unauthorized access.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsable

Redhat

Reservar

2026-04-14

Divulgación

2026-05-29

Moderación

aceptado

Artículo

VDB-367106

CPE

listo

CWE

CWE-444 (confirmado)

CVSS

4.8 (CNA)

EPSS

0.00042

KEV

Actividades

muy bajo

Fuentes

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-6324
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-6324
CVE Details	https://www.cvedetails.com/cve/CVE-2026-6324/

◂ Anterior Visión De Conjunto Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!