PT-2026-32183 · Unknown · Varnish Enterprise+1

Published

2026-04-12

·

Updated

2026-04-13

·

CVE-2026-40394

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Varnish Cache versions prior to 9.0.1
Varnish Enterprise versions prior to 6.0.16r11

Description

Varnish Cache and Varnish Enterprise are susceptible to a denial of service (daemon panic) caused by a workspace overflow. The panic occurs when certain amounts of prefetched data are handled during an HTTP/2 session upgrade from HTTP/1. Specifically, repurposing the HTTP/1 request as stream zero during the upgrade can lead to a buffer allocation that splits the workspace; subsequent pipelined fetch operations can then exhaust the remaining workspace.

Recommendations

Update Varnish Cache to version 9.0.1 or later. Update Varnish Enterprise to version 6.0.16r11 or later.

Fix

DoS


Weakness Enumeration

Related Identifiers

CVE-2026-40394

Affected Products

Varnish Cache
Varnish Enterprise