A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access sensitive information or cause an application level denial of service.

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20354-1 advisory.

    - CVE-2025-4476: null pointer dereference may lead to denial of service (bsc#1243422).
    - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876).
    - CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751).
    - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).
    - CVE-2026-0719: stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution     (bsc#1256399).
    - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests     (bsc#1257398).
    - CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling     HTTP redirects       (bsc#1257441).
    - CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to     HTTP request       smuggling and potential DoS (bsc#1257597).
    - CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources     (bsc#1258120).
    - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap     information       disclosure to remote attackers (bsc#1258170).
    - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0834-1 advisory.

    - CVE-2025-32049: denial of service attack to websocket server (bsc#1240751).
    - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests     (bsc#1257398).
    - CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling     HTTP redirects       (bsc#1257441).
    - CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to     HTTP request       smuggling and potential DoS (bsc#1257597).
    - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources     (bsc#1258120).
    - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap     information       disclosure to remote attackers (bsc#1258170).
    - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1460 advisory.

    A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can     inject CRLF (Carriage Return Line Feed) sequences into the header value. These sequences are then     interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP headers to     be injected. This vulnerability can lead to HTTP header injection or HTTP response splitting without     requiring authentication or user interaction. (CVE-2026-1536)

    A flaw was found in the libsoup HTTP library that can cause proxy authentication credentials to be sent to     unintended destinations. When handling HTTP redirects, libsoup removes the Authorization header but does     not remove the Proxy-Authorization header if the request is redirected to a different host. As a result,     sensitive proxy credentials may be leaked to third-party servers. Applications using libsoup for HTTP     communication may unintentionally expose proxy authentication data. (CVE-2026-1539)

    libsoup: heap buffer overflow in soup_content_sniffer_sniff (CVE-2026-2369)

Tenable has extracted the preceding description block directly from the tested product security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0703-1 advisory.

    - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).
    - CVE-2025-4476: null pointer dereference may lead to denial of service (bsc#1243422).
    - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751).
    - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources     (bsc#1258120).
    - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap     information       disclosure to remote attackers (bsc#1258170).
    - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0657-1 advisory.

    - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751).
    - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources     (bsc#1258120).
    - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap     information       disclosure to remote attackers (bsc#1258170).
    - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0690-1 advisory.

    - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751).
    - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources     (bsc#1258120).
    - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap     information       disclosure to remote attackers (bsc#1258170).
    - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0689-1 advisory.

    - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751).
    - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources     (bsc#1258120).
    - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap     information       disclosure to remote attackers (bsc#1258170).
    - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a     zero-length resource, leading to a buffer overread. This can allow an attacker to potentially access     sensitive information or cause an application level denial of service. (CVE-2026-2369)

Note that Nessus relies on the presence of the package as reported by the vendor.

ID	Name	Product	Family	Severity
302341	openSUSE 16 Security Update : libsoup2 (openSUSE-SU-2026:20354-1)	Nessus	SuSE Local Security Checks	high
301458	SUSE SLES15 Security Update : libsoup2 (SUSE-SU-2026:0834-1)	Nessus	SuSE Local Security Checks	medium
301358	Amazon Linux 2023 : libsoup3, libsoup3-devel (ALAS2023-2026-1460)	Nessus	Amazon Linux Local Security Checks	medium
300651	SUSE SLES12 Security Update : libsoup (SUSE-SU-2026:0703-1)	Nessus	SuSE Local Security Checks	medium
300582	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup2 (SUSE-SU-2026:0657-1)	Nessus	SuSE Local Security Checks	medium
300249	SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libsoup (SUSE-SU-2026:0690-1)	Nessus	SuSE Local Security Checks	medium
300248	SUSE SLES15 Security Update : libsoup (SUSE-SU-2026:0689-1)	Nessus	SuSE Local Security Checks	medium
298801	Linux Distros Unpatched Vulnerability : CVE-2026-2369	Nessus	Misc.	medium

Detections

Analytics

CVE-2026-2369

medium

Tenable Plugins

high

medium

medium

medium

medium

medium

medium

medium