CVE-2026-1467
moderate-risk
Published 2026-01-27
A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services.
Do I need to act?
-
0.06% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.8/10
Medium
NETWORK
/ LOW complexity
Affected Products (6)
References (3)
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2026-1467
Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2433174
35
/ 100
moderate-risk
Severity
22/34 · High
Exploitability
0/34 · Minimal
Exposure
13/34 · Low