CVE-2026-0716
Unknown Unknown - Not Provided
Out-of-Bounds Read in Libsoup WebSocket Frame Processing

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: Red Hat, Inc.

Description
A flaw was found in libsoup’s WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applications using libsoup’s WebSocket support with this configuration may be impacted.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-14
NVD
CVE-2026-0716
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
gnome libsoup From 0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-805 The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an out-of-bounds read flaw in the libsoup library's WebSocket frame processing. It happens when a non-default configuration is used where the maximum incoming payload size is set to 0 (unset). Under this condition, the library improperly checks bounds and may read memory beyond the allocated buffer when handling incoming WebSocket messages. This can lead to unintended memory exposure or cause the application to crash. [1]

Impact Analysis

If exploited, this vulnerability can cause unintended memory disclosure, potentially exposing sensitive data from memory, or cause the application using libsoup to crash, leading to denial of service. Exploitation requires a remote attacker to send specially crafted WebSocket frames and the application to be configured with the max_incoming_payload_size set to 0. [1]

Detection Guidance

Detection involves identifying if your application uses libsoup with the max_incoming_payload_size parameter set to 0 (non-default configuration). You can check application configurations or logs for this setting. Additionally, monitoring network traffic for unusual or malformed WebSocket frames might help detect exploitation attempts. Specific commands are not provided in the resources. [1]

Mitigation Strategies

Immediate mitigation includes ensuring that the max_incoming_payload_size parameter is not set to 0 (unset or set to a safe non-zero value) in libsoup configurations. Updating libsoup to a patched version that addresses this vulnerability is also recommended. Restricting or monitoring incoming WebSocket traffic from untrusted sources can reduce risk. [1]

Compliance Impact

The provided information does not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-0716. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart