CVE-2026-1536
CRLF Injection in Libsoup Enables HTTP Header Injection
Publication date: 2026-01-28
Last updated on: 2026-03-25
Assigner: Red Hat, Inc.
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 8.0 |
| redhat | enterprise_linux | 9.0 |
| redhat | enterprise_linux | 10.0 |
| gnome | libsoup | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-93 | The product uses CRLF (carriage return line feeds) as a special element, e.g. to separate lines or records, but it does not neutralize or incorrectly neutralizes CRLF sequences from inputs. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a flaw in libsoup where an attacker who can control the Content-Disposition header input can inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are interpreted literally when constructing HTTP requests or responses, allowing the attacker to inject arbitrary HTTP headers. This can lead to HTTP header injection or HTTP response splitting without needing authentication or user interaction.
How can this vulnerability impact me?
The vulnerability can allow an attacker to inject arbitrary HTTP headers or split HTTP responses, which can be exploited to manipulate web traffic, perform cache poisoning or cross-site scripting (XSS), or mount other attacks that rely on controlling HTTP headers. This can compromise the integrity of web communications and potentially lead to further exploitation.
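As an added illustration (not libsoup's code), the header-building pattern the answer describes sits beside a hardened version that refuses control characters in the value; the filenames and the `X-Injected` line are constructed samples.

```python
import re

# Constructed sample filenames. The second and third carry a CR/LF sequence
# that a naive header builder copies verbatim into the HTTP message.
SAMPLE_FILENAMES = [
    "report.pdf",
    "report.pdf\r\nX-Injected: constructed",
    "report.pdf\nX-Injected: constructed",
]

# Any ASCII control character (including CR 0x0d and LF 0x0a) and DEL.
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def build_content_disposition_naive(filename: str) -> str:
    """Unsafe: the caller-supplied value is concatenated as-is, which is the
    CWE-93 pattern the page describes. An embedded CRLF ends the header early
    and whatever follows becomes a new header line."""
    return f'Content-Disposition: attachment; filename="{filename}"'


def build_content_disposition_safe(filename: str) -> str:
    """Hardened: reject control characters outright instead of trying to
    strip them, then escape quotes/backslashes for the quoted-string form."""
    if _CONTROL_CHARS.search(filename):
        raise ValueError("control character in Content-Disposition value")
    escaped = filename.replace("\\", "\\\\").replace('"', '\\"')
    return f'Content-Disposition: attachment; filename="{escaped}"'


def header_line_count(header: str) -> int:
    """Number of lines an HTTP parser would see in the built header.
    1 means the header stayed intact; more means it was split."""
    return len(re.split(r"\r\n|\n|\r", header))


def is_header_value_safe(value: str) -> bool:
    """Defensive check usable at an input boundary: True only when the value
    contains no byte that can terminate or split a header field."""
    return _CONTROL_CHARS.search(value) is None
```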