CVE-2026-41417 - Netty vulnerable to HTTP request smuggling and RTSP request injection via DefaultHttpRequest.setUri()
CVE ID :CVE-2026-41417 Published : May 6, 2026, 10:16 p.m. | 38 minutes ago Description :Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`. The constructors reject CRLF and wh
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Typescript Monorepo Development using Docker Compose Watch, Turborepo and PNPM
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
- [CYBER] CVE-2026-32710 MariaDB JSON_SCHEMA_VALID heap buffer overflow leading to RCE
- [CYBER] CVE-2026-6278 - CVE-2019-1905: Cisco WebEx Meeting Center Unvalidated Redirect
- [CYBER] Build a Secure API with Rails 8 - Part-1