Description
An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When processing a crafted HTTP response containing a malformed or oversized boundary parameter, the internal stream reader reads past the allocated buffer bounds. A remote, unauthenticated attacker can exploit this behavior to cause a service denial (DoS) through application failure or potentially read fragments of unauthorized memory metadata.
Published: 2026-07-14
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Workaround

To mitigate this issue, restrict network access to applications that utilize libsoup for processing multipart messages from untrusted sources. Implement firewall rules to limit incoming connections to only trusted clients, thereby reducing the attack surface. If the vulnerable component is part of a service, ensure that the service is not exposed to untrusted networks.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 15 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 15 Jul 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

threat_severity

Moderate


Tue, 14 Jul 2026 20:00:00 +0000

Type Values Removed Values Added
Description An out-of-bounds read vulnerability was found in libsoup's multipart processing subsystem. The flaw exists in the soup_multipart_input_stream_read_headers() function inside soup-multipart-input-stream.c, which does not adequately restrict or validate the size of incoming multipart boundary strings. When processing a crafted HTTP response containing a malformed or oversized boundary parameter, the internal stream reader reads past the allocated buffer bounds. A remote, unauthenticated attacker can exploit this behavior to cause a service denial (DoS) through application failure or potentially read fragments of unauthorized memory metadata.
Title Libsoup: soupmultipartinputstream: libsoup: out-of-bounds read in soup_multipart_input_stream_read_headers via an oversized multipart boundary string
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-125
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L'}


Subscriptions

Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-07-15T14:09:52.512Z

Reserved: 2026-07-14T10:23:23.535Z

Link: CVE-2026-15714

cve-icon Vulnrichment

Updated: 2026-07-15T14:09:26.911Z

cve-icon NVD

No data.

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-07-14T10:20:00Z

Links: CVE-2026-15714 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses