Vulnerability Details CVE-2026-4271
A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the application attempting to access memory that has already been freed, potentially causing application instability or crashes, resulting in a Denial of Service (DoS).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.3%
CVSS Severity
CVSS v3 Score 5.3