CVE-2026-1761
HIGHCVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
Lifecycle Timeline
3Description
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.
Analysis
Libsoup's multipart HTTP response parser contains a stack buffer overflow stemming from faulty length validation, enabling remote attackers to trigger memory corruption and potentially execute arbitrary code without authentication. Applications using libsoup to process untrusted server responses face crash or code execution risks. …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Identify all systems running libsoup and document versions; immediately implement WAF rules to block malformed multipart requests. Within 7 days: Deploy network segmentation to isolate affected services; disable multipart HTTP handling where not business-critical; enable enhanced logging for HTTP parsing errors. …
Sign in for detailed remediation steps.
Priority Score
Vendor Status
Share
External POC / Exploit Code
Leaving vuln.today