CVE-2026-3633 in libsoupinformation

Résumé

par MITRE • 17/03/2026

A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the `soup_message_new()` function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF (Carriage Return Line Feed) injection, occurs because the method value is not properly escaped during request line construction, potentially leading to HTTP request injection.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgation

17/03/2026

Modérer

accepté

Entrée

VDB-349434

CPE

prêt

EPSS

0.00048

KEV

non

Activités

très faible

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2026-3633
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2026-3633
CVE Detailshttps://www.cvedetails.com/cve/CVE-2026-3633/

PrécédentAperçuSuivant

Do you know our Splunk app?

Download it now for free!