CVE-2026-3634

low-risk
Published 2026-03-17

A flaw was found in libsoup. An attacker controlling the value used to set the Content-Type header can inject a Carriage Return Line Feed (CRLF) sequence due to improper input sanitization in the `soup_message_headers_set_content_type()` function. This vulnerability allows for the injection of arbitrary header-value pairs, potentially leading to HTTP header injection and response splitting attacks.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
3
CVSS 3.9/10 Low
NETWORK / HIGH complexity

Affected Products (6)

Affected Vendors

Redhat Gnome

References (4)

Vendor Advisory https://access.redhat.com/security/cve/CVE-2026-3634
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=2445129
Exploit https://gitlab.gnome.org/GNOME/libsoup/-/issues/485
Exploit https://gitlab.gnome.org/GNOME/libsoup/-/issues/485
26
/ 100
low-risk
Severity 13/34 · Low
Exploitability 0/34 · Minimal
Exposure 13/34 · Low