Vulnerability Description
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2026:1948
- https://access.redhat.com/errata/RHSA-2026:2005
- https://access.redhat.com/errata/RHSA-2026:2006
- https://access.redhat.com/errata/RHSA-2026:2007
- https://access.redhat.com/errata/RHSA-2026:2008
- https://access.redhat.com/errata/RHSA-2026:2049
- https://access.redhat.com/errata/RHSA-2026:2182
- https://access.redhat.com/errata/RHSA-2026:2214
- https://access.redhat.com/errata/RHSA-2026:2215
- https://access.redhat.com/errata/RHSA-2026:2216
- https://access.redhat.com/errata/RHSA-2026:2396
- https://access.redhat.com/errata/RHSA-2026:2402
- https://access.redhat.com/errata/RHSA-2026:2410
- https://access.redhat.com/errata/RHSA-2026:2512
- https://access.redhat.com/errata/RHSA-2026:2513
FAQ
What is CVE-2026-1761?
CVE-2026-1761 is a vulnerability with a CVSS score of 8.6 (HIGH). A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit ...
How severe is CVE-2026-1761?
CVE-2026-1761 has been rated HIGH with a CVSS base score of 8.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-1761?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.