← back
CVE-2026-6324

Libsoup: libsoup: http request smuggling via unsigned to signed conversion error

CVSS 4.8 MEDIUMEPSS 0.9%CWE-444
A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This vulnerability occurs when libsoup operates behind a non-libsoup proxy server or as a proxy in front of a non-libsoup backend server. Successful exploitation can allow an attacker to bypass security controls, poison web caches, or gain unauthorized access.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected products
Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 9
public PoCs found1
cve_referencegitlab.gnome.org/GNOME/libsoup/-/work_items/508unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/security/cve/CVE-2026-6324https://bugzilla.redhat.com/show_bug.cgi?id=2458479https://gitlab.gnome.org/GNOME/libsoup/-/issues/508https://gitlab.gnome.org/GNOME/libsoup/-/work_items/508