VDB

DEBIAN-CVE-2026-2369

DEBIAN-CVE-2026-2369 PUBLISHED CVSS 9.100000381469727 CRITICAL

A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

Risk Scores

CVSS 3.1
9.100000381469727
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Affected Products

VendorProductVersions
Debian:12libsoup2.42.74.3-6, 2.74.3-5, 2.74.3-3.1~exp3
Debian:11libsoup2.42.74.3-7, 2.74.3-5, 2.74.3-11
Debian:14libsoup33.6.5-3, 0, 3.6.5-5
Debian:13libsoup2.42.74.3-11, 2.74.3-10.1, 2.74.3-11
Debian:12libsoup33.4.4-5, 3.4.4-4, 3.4.4-3
Debian:13libsoup33.6.6-1, 3.6.6-1, 0

Timeline

  • Mar 19, 2026 CVE Published
  • Apr 29, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›