← back
CVE-2026-3634

Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header

CVSS 3.9 LOWEPSS 0.2%CWE-93
Vexday Risk Score
8Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 3.9EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
17 Mar 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
Affected products
Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 9

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/security/cve/CVE-2026-3634https://bugzilla.redhat.com/show_bug.cgi?id=2445129https://gitlab.gnome.org/GNOME/libsoup/-/issues/485