2 matches found
CVE-2026-12478
creationtimestamp| type| source ---|---|--- 2026-07-14 12:24:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqm77bdq4b2g...
CVE-2026-12478
The fix for CVE-2026-0716 commit 6ff7ef0, libsoup 3.6.6 placed the integer overflow guard inside the if masked block, leaving unmasked server-to-client frames unprotected. A malicious WebSocket server can send a crafted unmasked frame with a payload length near UINT64MAX to trigger an OOB read in...