CVE-2026-1467
Last modified
CVE-2026-1467 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. EPSS estimates a 0.31% chance of exploitation in the next 30 days.
Description
A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Gnome | Libsoup | All versions |
| Redhat | Enterprise Linux | 6.0 |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux | 9.0 |
| Redhat | Enterprise Linux | 10.0 |
References
- https://access.redhat.com/security/cve/CVE-2026-1467 (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2433174 (Issue Tracking, Third Party Advisory)
- https://gitlab.gnome.org/GNOME/libsoup/-/issues/488 (Exploit, Issue Tracking, Vendor Advisory)
Timeline
- Published
- Last Modified
- Status: Analyzed
Source: NVD / NIST
