CVE ID: CVE-2026-1760 Bug ID: Bug 2435951 Title: libsoup: SoupServer: Denial of Service via HTTP request smuggling Product: Security Response Component: vulnerability Version: unspecified Priority: medium Severity: medium Assignee: Product Security DevOps Team Reported: 2026-02-02 12:30 UTC by OSIDB Bzimport Modified: 2026-02-02 13:26 UTC Status: NEW Description: HTTP request smuggling vulnerability in SoupServer due to improper handling of requests containing Transfer-Encoding: chunked combined with Connection: keep-alive. Although SoupServer correctly ignores the Content-Length header, it fails to close the connection after responding, in violation of RFC 9112. This allows remaining chunked data to be processed as a subsequent HTTP request. A remote, unauthenticated client can exploit this behavior to smuggle additional requests over a persistent connection, leading to unintended request processing and potential denial-of-service conditions.