Libsoup
The latest Libsoup coverage — news, analysis, and updates from the WindowsNews.AI desk.
RHEL 8/9/10: A Tiny Compressed WebSocket Message Can Crash Your Server—No Patch Yet
Red Hat disclosed a high-severity vulnerability in the libsoup network library that lets a remote, unauthenticated attacker crash a service with a single, carefully crafted compressed WebSocket...
CVE-2026-15711: How a Linux Library Bug Can Crash Your Windows Services
{ "title": "CVE-2026-15711: How a Linux Library Bug Can Crash Your Windows Services", "content": "On July 14, 2026, security researchers at Red Hat published details of a high-severity...
How a Heap Bug in libsoup Can Crash Your WSL Apps – and What Windows Admins Must Do
On July 14, 2026, Red Hat disclosed a heap buffer over-read vulnerability in the libsoup networking library that can crash applications handling HTTP/2 traffic. CVE-2026-15712 affects versions 3.0...
Red Hat Flags libsoup HTTP/2 Memory Leak That Can Crash Apps—No Patch Yet
Red Hat has published a new vulnerability, CVE-2026-15713, that exposes applications using the libsoup library to a remote-triggered denial of service. The flaw, disclosed on July 14, 2026, allows a...
Windows Users, Check Your Systems for libsoup Request Smuggling (CVE-2026-2708) — Patch Guide
Microsoft’s April security advisories include a tracking entry for CVE-2026-2708, a request smuggling flaw in the open‑source libsoup HTTP library. Though libsoup originates in the Linux/GNOME...
CVE-2026-2436: Critical libsoup Use-After-Free Vulnerability Threatens Windows Applications
A newly disclosed vulnerability in libsoup, tracked as CVE-2026-2436, exposes Windows applications to potential crashes and remote code execution through a use-after-free flaw in TLS disconnect...
CVE-2026-3633: libsoup CRLF Injection Vulnerability Enables HTTP Request Smuggling Attacks
CVE-2026-3633 exposes a critical CRLF injection vulnerability in the libsoup HTTP client library that enables HTTP request smuggling attacks through method header manipulation. The vulnerability,...
Microsoft Confirms Azure Linux Hit by Libsoup Bug CVE-2025-32053 — Here’s the Patching Playbook
Microsoft has publicly confirmed that Azure Linux is vulnerable to CVE-2025-32053, a medium-severity heap buffer over-read in the libsoup library that could allow remote attackers to crash services...
Azure Linux Confirmed Exposed to CVE-2025-32052, But Libsoup Vulnerability Could Lurk in More Microsoft Offerings
Microsoft has publicly confirmed that its Azure Linux distribution includes a vulnerable version of the libsoup library, putting virtual machines and container workloads running the cloud-optimized...
CVE-2025-32051: Microsoft plugs libsoup crash bug in Azure Linux
Microsoft has patched a denial-of-service vulnerability in libsoup, the open-source HTTP library used by its Azure Linux distribution, after researchers discovered that a malformed data URI can crash...
Microsoft Flags High-Impact Libsoup Flaw in Azure Linux—Here’s How to Fix It
{ "title": "Microsoft Flags High-Impact Libsoup Flaw in Azure Linux—Here’s How to Fix It", "content": "Microsoft has published a security advisory for a newly registered vulnerability in the...
Microsoft Flags High-Severity Libsoup Bug in Azure Linux—Patch Immediately
A high-severity memory safety flaw in a widely used Linux networking library has prompted urgent patching across major distributions, and Microsoft has weighed in on the risk for its own Azure Linux...