PT-2026-28377 · Undertow · Undertow

Osidb Bzimport · Published 2026-03-27 · Updated 2026-06-10 · CVE-2026-28368

CVSS v3.1: 9.1 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Undertow (affected versions not specified)

Description

A security issue exists in Undertow that allows a remote attacker to create malicious requests. The issue stems from discrepancies in how Undertow parses header names compared to upstream proxies, which can be exploited to launch request smuggling attacks. Successful exploitation could bypass security measures and grant access to unauthorized resources.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

HTTP Request/Response Smuggling

Weakness Enumeration

Related Identifiers

CVE-2026-28368
GHSA-8V4X-MGVP-P658

Affected Products

Undertow