Description
A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk headers, such as lone line feed (LF) characters instead of the required carriage return and line feed (CRLF). A remote attacker can exploit this without authentication or user interaction by sending specially crafted chunked requests. This allows libsoup to parse and process multiple HTTP requests from a single network message, potentially leading to information disclosure.
Published: 2026-02-03
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information Disclosure via HTTP request smuggling
Action: Patch
AI Analysis

Impact

A flaw in the GNOME libsoup HTTP client/server library permits remote attackers to send specially crafted chunked requests that contain malformed chunk headers, such as a lone line feed. Because libsoup’s parsing logic accepts these headers, it can interpret a single network message as containing multiple HTTP requests. This behavior enables an attacker to smuggle requests through the server, potentially exposing sensitive data that would otherwise remain confined to the original request context.

Affected Systems

Red Hat Enterprise Linux versions 6 through 10, and any installations that use the GNOME libsoup library. The CNA data does not list specific affected libsoup versions.

Risk and Exploitability

The vulnerability has a CVSS score of 5.3, indicating medium severity. An EPSS score below 1% suggests a low probability of exploitation at this time, and the CVE is not currently listed in the CISA KEV catalog. Attackers can exploit the flaw without authentication or any user interaction by transmitting crafted HTTP requests directly to a target that uses libsoup as the server component. If successful, request smuggling may lead to unintended processing of multiple HTTP requests and information disclosure.

Generated by OpenCVE AI on April 16, 2026 at 17:26 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.


OpenCVE Recommended Actions

  • Apply the latest security update for Red Hat Enterprise Linux that includes the fixed libsoup package
  • Upgrade or reinstall the GNOME libsoup library to the newest available version
  • No official workaround has been provided by Red Hat for this vulnerability


Advisories

No advisories yet.

History

Thu, 26 Mar 2026 18:15:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Gnome; Gnome libsoup
CPEs | | cpe:2.3:a:gnome:libsoup:-:*:*:*:*:*:*:*; cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*; cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*; cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*; cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*; cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Vendors & Products | | Gnome; Gnome libsoup

Thu, 19 Mar 2026 15:00:00 +0000

Type | Values Removed | Values Added
References | |

Wed, 04 Feb 2026 00:15:00 +0000

Type | Values Removed | Values Added
References | |
Metrics | threat_severity: None | threat_severity: Low

Tue, 03 Feb 2026 21:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc: {'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 03 Feb 2026 20:30:00 +0000

Type | Values Removed | Values Added
Description | | A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soup_filter_input_stream_read_line() logic, where libsoup accepts malformed chunk headers, such as lone line feed (LF) characters instead of the required carriage return and line feed (CRLF). A remote attacker can exploit this without authentication or user interaction by sending specially crafted chunked requests. This allows libsoup to parse and process multiple HTTP requests from a single network message, potentially leading to information disclosure.
Title | | Libsoup: libsoup: http request smuggling via malformed chunk headers
First Time appeared | | Redhat; Redhat enterprise Linux
Weaknesses | | CWE-444
CPEs | | cpe:/o:redhat:enterprise_linux:10; cpe:/o:redhat:enterprise_linux:6; cpe:/o:redhat:enterprise_linux:7; cpe:/o:redhat:enterprise_linux:8; cpe:/o:redhat:enterprise_linux:9
Vendors & Products | | Redhat; Redhat enterprise Linux
References | |
Metrics | | cvssV3_1: {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}


Subscriptions

Gnome Libsoup
Redhat Enterprise Linux
MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-03-26T18:58:54.712Z

Reserved: 2026-02-03T12:42:08.207Z

Link: CVE-2026-1801

Vulnrichment

Updated: 2026-02-03T20:40:46.358Z

NVD

Status: Analyzed

Published: 2026-02-03T21:16:12.390

Modified: 2026-03-26T18:02:05.433

Link: CVE-2026-1801

Redhat

Severity: Low

Public Date: 2026-02-03T00:00:00Z

Links: CVE-2026-1801 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-16T17:30:26Z

Weaknesses