CVE-2026-6338 – HTTP request smuggling in Kong Enteprise Gateway

CVE ID :CVE-2026-6338

Published : June 11, 2026, 2:16 p.m. | 1 hour, 3 minutes ago

Description :A HTTP request smuggling and desynchronization vulnerability affects Kong Gateway Enterprise 3.4, 3.10, 3.11, 3.12, 3.13, and 3.14 series. The vulnerability is caused by a parsing flaw in Kong’s HTTP request processing pipeline when handling untrusted HTTP/1.1 traffic.

Severity: 4.9 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9648 – CVE-2026-9648

CVE-2026-7870 – IBM i is Affected by Privilege Escalation []

CVE-2026-7787 – Unauthenticated Session History Access via Public Flow Execution

CVE-2026-4096 – A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests.