VYPR
High severity7.5NVD Advisory· Published Sep 26, 2025· Updated Apr 15, 2026

CVE-2025-11021

CVE-2025-11021

Description

A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

26

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.