CVE-2026-3632— Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-3632
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in libsoup, a library used by applications to send network requests. This vulnerability occurs because libsoup does not properly validate hostnames, allowing special characters to be injected into HTTP headers. A remote attacker could exploit this to perform HTTP smuggling, where they can send hidden, malicious requests alongside legitimate ones. In certain situations, this could lead to Server-Side Request Forgery (SSRF), enabling an attacker to force the server to make unauthorized requests to other internal or external systems. The impact is low, as SoupServer is not actually used in internet infrastructure.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
CWE-1286
Source: NVD (National Vulnerability Database)
Vulnerability Title
libsoup 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
libsoup是GNOME项目的一款GNOME的HTTP客户端/服务器库。 libsoup存在安全漏洞,该漏洞源于未正确验证主机名,允许将特殊字符注入HTTP标头,可能导致远程攻击者执行HTTP请求夹带,进而造成服务端请求伪造。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | - | cpe:/o:redhat:enterprise_linux:10 | |
| Red Hat | Red Hat Enterprise Linux 6 | - | cpe:/o:redhat:enterprise_linux:6 | |
| Red Hat | Red Hat Enterprise Linux 7 | - | cpe:/o:redhat:enterprise_linux:7 | |
| Red Hat | Red Hat Enterprise Linux 8 | - | cpe:/o:redhat:enterprise_linux:8 | |
| Red Hat | Red Hat Enterprise Linux 9 | - | cpe:/o:redhat:enterprise_linux:9 |
II. Public POCs for CVE-2026-3632
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-3632
请登录查看更多情报信息。
- 2445127 – (CVE-2026-3632) CVE-2026-3632 libsoup: libsoup: HTTP Smuggling and Server-Side Request Forgery via Malformed Hostnamesissue-trackingx_refsource_REDHAT
- https://nvd.nist.gov/vuln/detail/CVE-2026-3632
Same Patch Batch · Red Hat · 2026-03-17 · 5 CVEs total
| CVE-2026-4324 | 5.4 MEDIUM | Rubygem-katello: katello: denial of service and potential information disclosure via sql i |
| CVE-2026-4271 | 5.3 MEDIUM | Libsoup: libsoup: denial of service via use-after-free in http/2 server |
| CVE-2026-3634 | 3.9 LOW | Libsoup: libsoup: http header injection and response splitting via crlf injection in conte |
| CVE-2026-3633 | 3.9 LOW | Libsoup: libsoup: header and http request injection via crlf injection |
IV. Related Vulnerabilities
Same product: Red Hat Enterprise Linux 10
- CVE-2026-4802
Cockpit: cockpit: arbitrary command execution via crafted li - CVE-2026-6420
Keylime: keylime: security bypass due to hardcoded tpm quote - CVE-2026-34002
Xorg: xwayland: x.org x server: information disclosure or de - CVE-2026-34000
Xwayland: xorg: x.org x server: information disclosure and d - CVE-2026-2708
Libsoup: libsoup: http request smuggling via duplicate conte
Same vendor: Red Hat
- CVE-2026-4802
Cockpit: cockpit: arbitrary command execution via crafted li - CVE-2026-42011
Gnutls: gnutls: security bypass due to incorrect name constr - CVE-2026-42010
Gnutls: gnutls: authentication bypass via nul character in u - CVE-2026-6420
Keylime: keylime: security bypass due to hardcoded tpm quote - CVE-2026-34956
Openvswitch: open vswitch: denial of service via malformed f
Same weakness: CWE-1286
- CVE-2026-6442
Improper Command Detection Logic Allows RCE in Cortex Code C - CVE-2026-40198
Net::CIDR::Lite versions before 0.23 for Perl does not valid - CVE-2026-33778
Junos OS: SRX Series, MX Series: When a specifically malform - CVE-2026-34835
Rack: `Rack::Request` accepts invalid Host characters, enabl - CVE-2026-20114
Cisco IOS XE Software 安全漏洞
V. Comments for CVE-2026-3632
No comments yet