CVE-2026-15714
The CVE concerns libsoup, specifically the soup_multipart_input_stream_read_headers() function in soup-multipart-input-stream.c, where the boundary size is not adequately validated. A crafted HTTP response with a malformed or oversized multipart boundary allows an out-of-bounds read, enabling a r...