Vulnerabilities

Report: CVE-2026-42585 - Netty: HTTP Request Smuggling due to malformed Transfer-Encoding - Complete Guide

2026-05-13 0 views admin

CVE ID :CVE-2026-42585 Published : May 13, 2026, 7:17 p.m. | 29 minutes ago Description :Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. This vulnerability is fixed in 4.2.13.Final and 4.1.133.Final. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-42585

Severity

MEDIUM

Published

May 13, 2026

Attack Vector: network

🏷️ Tags

report42585nettyrequestsmugglingmalformedtransferencodingcompleteguide

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: CVE-2026-42585 - Netty: HTTP Request Smuggling due to malformed Transfer-Encoding - Complete Guide

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: Update: CVE-2026-41132 - CKAN: No certificate validation on STMP connection

Report: CVE-2026-42032 - CKAN: Unauthenticated Authorization Bypass in `datastore_search_sql` - Expert Insights

Report: CVE-2026-42031 - CKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_searc

Report: CVE-2026-41255 - CKAN: CSRF exemption primed by anonymous requests

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting