Zero Day Monitor (ZDM)
8.7
CVE-2026-28367 · EXPLOITED
red hat · red hat build of apache camel for spring boot

Undertow: undertow: request smuggling via `\r\r\r` as a header block terminator

Description

A remote, anonymous attacker can exploit multiple vulnerabilities in Red Hat Undertow to bypass security measures, manipulate data, and disclose confidential information.

Affected Products

Vendor: red hat
Product: red hat build of apache camel for spring boot
Versions: —

References

  • https://access.redhat.com/security/cve/CVE-2026-28367 (vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2443260 (issue-tracking, x_refsource_REDHAT)

Related News (3 articles)

Tier B
BSI Advisories · 7h ago
[NEW] [UNPATCHED] [high] Red Hat Undertow: Multiple vulnerabilities allow security measures to be bypassed
→ No new info (linked only)
Tier C
VulDB · 2d ago
CVE-2026-28367 | Undertow Web Request request smuggling
→ No new info (linked only)
Tier C
VulDB · 2d ago
CVE-2026-28367 | Undertow Web Request request smuggling
→ No new info (linked only)
CVSS 3.1: 8.7 HIGH
CISA KEV: ❌ No
Actively exploited: ✅ Yes
CWE: CWE-444
Published: 3/27/2026
Last enriched: 6h ago (v4)
Trending Score: 57
Source articles: 3
Independent: 2
Info Completeness: 8/14
Missing: versions, epss, kev, patch, iocs, mitre_attack

Related CVEs (5)

HIGH · CVE-2026-1961 · EXP
Foreman: foreman: remote code execution via command injection in websocket proxy
Trending: 69
HIGH · CVE-2026-28369 · EXP
Undertow: undertow: request smuggling via malformed http request headers
Trending: 62
NONE · CVE-2026-5165 · EXP
Virtio-win: virtio-win: memory corruption via use-after-free in virtio blk device reset
Trending: 40
NONE · CVE-2026-5119 · EXP
Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Trending: 38
NONE · CVE-2026-4948 · EXP
Firewalld: firewalld: local unprivileged user can modify firewall state due to d-bus setter mis-authorization
Trending: 29

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • Mar 27, 2026: CVE Published
  • Mar 27, 2026: Discovered by ZDM
  • Mar 27, 2026: Updated: severity, activelyExploited
  • Mar 28, 2026: Updated: description
  • Mar 30, 2026: Actively Exploited
  • Mar 30, 2026: Exploit Available
  • Mar 30, 2026: Updated: severity, exploitAvailable, description

Version History

v4
Last enriched 6h ago
v4 · Tier B · 6h ago

Updated severity to HIGH, marked exploit as available, and provided a more detailed description of the vulnerabilities.

severity, exploitAvailable, description
via BSI Advisories
v3 · Tier C · 2d ago

Updated description with new details and corrected exploit availability to false.

description
via VulDB
v2 · Tier C · 2d ago

Updated severity to CRITICAL and noted that there is no exploit available.

severity, activelyExploited
via VulDB
v1 · 3d ago

Initial creation