Description
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.
Published: 2026-02-02
Score: 8.6 High
EPSS: 1.2% Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

A stack‑based buffer overflow has been discovered in libsoup’s multipart HTTP response parser. The vulnerability arises from an incorrect length calculation, allowing a remote attacker to orchestrate memory corruption by sending a specially crafted multipart HTTP response. The resulting effects may include application crashes or arbitrary code execution and do not require authentication or user interaction, thereby affecting confidentiality, integrity, and availability for any application that processes untrusted server responses.

Affected Systems

The flaw affects multiple Red Hat distributions, including Red Hat Enterprise Linux 6 and 7, all recent release streams of Red Hat Enterprise Linux 8 (8.2, 8.4, 8.6, 8.8, as well as the associated Advanced Update and Extended Update support branches), Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 10, and the Red Hat OpenShift Dev Spaces version 3.26. The specific errata that contain the fix span RHSA‑2026:1948 through RHSA‑2026:2844 for the various platform versions.

Risk and Exploitability

The issue carries a CVSS score of 8.6, indicating a high‑severity flaw, while its EPSS score of 1 % suggests a low but non‑zero likelihood of exploitation at the time of this analysis. The vulnerability is not listed in CISA’s Known Exploited Vulnerabilities catalog, which implies no documented active exploitation yet. Exploitation requires a network path whereby the attacker can cause the vulnerable application to receive a crafted multipart HTTP response; no authentication or privileged access is needed. The attack vector is therefore remote, via the application’s HTTP client stack.

Generated by OpenCVE AI on April 16, 2026 at 07:07 UTC.

Remediation

Vendor Workaround

To mitigate this issue, applications utilizing libsoup that process HTTP responses should be configured to only communicate with trusted endpoints. Implement network egress filtering to restrict vulnerable applications from connecting to untrusted external services, thereby reducing the exposure to specially crafted multipart HTTP responses.

OpenCVE Recommended Actions

  • If an immediate patch cannot be applied, reconfigure the applications that use libsoup to communicate only with trusted, vetted endpoints, thereby limiting the exposure to crafted multipart responses
  • Implement network egress filtering so that vulnerable services cannot reach untrusted external servers, reducing the attack surface
  • Verify that no other components or third‑party libraries within the environment still contain the vulnerable libsoup code, and schedule a comprehensive audit of HTTP client usage

Generated by OpenCVE AI on April 16, 2026 at 07:07 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 19 Mar 2026 15:00:00 +0000

Type Values Removed Values Added
References

Tue, 17 Feb 2026 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat openshift Devspaces
CPEs cpe:/a:redhat:openshift_devspaces:3.26::el9
Vendors & Products Redhat openshift Devspaces
References

Thu, 12 Feb 2026 14:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Els
CPEs cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:rhel_els:7
Vendors & Products Redhat rhel Els
References

Wed, 11 Feb 2026 13:30:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 11:00:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 08:15:00 +0000

Type Values Removed Values Added
References

Wed, 11 Feb 2026 08:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_aus:8.6::appstream
cpe:/a:redhat:rhel_e4s:8.6::appstream
cpe:/a:redhat:rhel_tus:8.6::appstream
cpe:/o:redhat:rhel_aus:8.6::baseos
cpe:/o:redhat:rhel_e4s:8.6::baseos
cpe:/o:redhat:rhel_tus:8.6::baseos
References

Tue, 10 Feb 2026 13:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Aus
Redhat rhel Eus Long Life
CPEs cpe:/a:redhat:rhel_aus:8.2::appstream
cpe:/a:redhat:rhel_aus:8.4::appstream
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
cpe:/o:redhat:rhel_aus:8.2::baseos
cpe:/o:redhat:rhel_aus:8.4::baseos
cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
Vendors & Products Redhat rhel Aus
Redhat rhel Eus Long Life
References

Mon, 09 Feb 2026 07:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/o:redhat:enterprise_linux:8::baseos
References

Mon, 09 Feb 2026 03:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9 cpe:/a:redhat:enterprise_linux:9::appstream
References

Thu, 05 Feb 2026 20:00:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:10.1
References

Thu, 05 Feb 2026 13:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_eus:9.6::appstream
References

Thu, 05 Feb 2026 07:00:00 +0000

Type Values Removed Values Added
First Time appeared Redhat enterprise Linux Eus
CPEs cpe:/a:redhat:rhel_e4s:9.0::appstream
cpe:/o:redhat:enterprise_linux_eus:10.0
Vendors & Products Redhat enterprise Linux Eus
References

Thu, 05 Feb 2026 04:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:rhel_eus:9.4::appstream
Vendors & Products Redhat rhel Eus
References

Thu, 05 Feb 2026 04:15:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:rhel_e4s:9.2::appstream
References

Thu, 05 Feb 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel E4s
Redhat rhel Tus
CPEs cpe:/a:redhat:rhel_e4s:8.8::appstream
cpe:/a:redhat:rhel_tus:8.8::appstream
cpe:/o:redhat:rhel_e4s:8.8::baseos
cpe:/o:redhat:rhel_tus:8.8::baseos
Vendors & Products Redhat rhel E4s
Redhat rhel Tus
References

Tue, 03 Feb 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Important

Mon, 02 Feb 2026 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 02 Feb 2026 14:15:00 +0000

Type Values Removed Values Added
Description A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.
Title Libsoup: stack-based buffer overflow in libsoup multipart response parsingmultipart http response
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-121
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 8.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L'}

Subscriptions

Redhat Enterprise Linux Enterprise Linux Eus Openshift Devspaces Rhel Aus Rhel E4s Rhel Els Rhel Eus Rhel Eus Long Life Rhel Tus
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-03-19T14:40:01.829Z

Reserved: 2026-02-02T12:54:30.233Z

Link: CVE-2026-1761

cve-icon Vulnrichment

Updated: 2026-02-02T17:30:16.065Z

cve-icon NVD

Status : Deferred

Published: 2026-02-02T14:16:34.650

Modified: 2026-04-15T00:35:42.020

Link: CVE-2026-1761

cve-icon Redhat

Severity : Important

Publid Date: 2026-02-02T00:00:00Z

Links: CVE-2026-1761 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-16T07:15:28Z

Weaknesses