CVE-2026-42581 | Netty up to 1.0/1.1/4.1.133.Final/4.2.13.Final HTTPObjectDecoder request smuggling

Inserito da Angelo Barbosa | Mag 13, 2026 | CVE

A vulnerability categorized as problematic has been discovered in Netty up to 1.0/1.1/4.1.133.Final/4.2.13.Final. The impacted element is an unknown function of the component HTTPObjectDecoder. Executing a manipulation can lead to http request smuggling.

This vulnerability is registered as CVE-2026-42581. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-42581 | Netty up to 1.0/1.1/4.1.133.Final/4.2.13.Final HTTPObjectDecoder request smuggling

Post correlati

CVE-2025-45987 | Blink BL-X26_DA3 bs_SetDNSInfo dns1/dns2 command injection

CVE-2025-46289 | Apple macOS up to 14.8.2/15.7.2 App access control

CVE-2025-8741 | macrozheng mall up to 1.0.3 /admin/login cleartext transmission

CVE-2025-38058 | Linux Kernel up to 6.14.8 __legitimize_mnt privilege escalation