CVE-2026-2369

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions libsoup versions prior to 3.6.5 libsoup versions prior to 2.74.3

Description An integer underflow vulnerability exists when processing content with a zero-length resource, resulting in a buffer overread. This could allow an attacker to potentially access sensitive information or cause an application-level denial of service.

Recommendations Update libsoup to version 3.6.5 or later. Update libsoup to version 2.74.3 or later.

Fix

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-191

Related Identifiers

BDU:2026-06706

CVE-2026-2369

ECHO-6BBB-610C-309A

OESA-2026-1449

OPENSUSE-SU-2026:10208-1

OPENSUSE-SU-2026:10209-1

OPENSUSE-SU-2026:20354-1

OPENSUSE-SU-2026:20384-1

SUSE-SU-2026:0657-1

SUSE-SU-2026:0658-1

SUSE-SU-2026:0689-1

SUSE-SU-2026:0690-1

SUSE-SU-2026:0703-1

SUSE-SU-2026:0834-1

SUSE-SU-2026:20529-1

SUSE-SU-2026:20649-1

SUSE-SU-2026:20752-1

SUSE-SU-2026:20902-1

Affected Products

Libsoup

CVE-2026-2369

Weakness Enumeration

Related Identifiers

Affected Products

References · 73