Security update for libsoup2 (moderate)

openSUSE security update: security update for libsoup2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20895-1 Rating: moderate References: bsc1257649 Cross-References: CVE-2026-1801 CVSS scores: CVE-2026-1801 SUSE : 5.3...

OPENSUSE-SU-2026:20895-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2026-1801: Use CRLF as line boundary when parsing chunk encoding data bsc1257649...

CVE-2026-1801

A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soupfilterinputstreamreadline logic, where libsoup accepts malformed chunk headers, such as lone line feed LF characters instead of the required...

EUVD-2026-1801

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.49.1 via the 'listenforcsvexport' function. This is due to the plugin not properly verifying that a user is authorized to...