Medium severityNVD Advisory· Published Feb 18, 2026· Updated Apr 15, 2026

CVE-2025-12811

Description

Improper Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in Delinea Inc. Cloud Suite and Privileged Access Service.

If you're not using the latest Server Suite agents, this fix requires that you upgrade to Server Suite 2023.1 (agent 6.0.1) or later. * If you cannot upgrade to Release 2023.1 (agent version 6.0.1) or later, you can choose one of the following versions:

Server Suite release 2023.0.5 (agent version 6.0.0-158)

Server Suite release 2022.1.10 (agent version 5.9.1-337)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

docs.delinea.com/online-help/cloud-suite/release-notes/cloud-suite/25.1.htmnvd
trust.delinea.comnvd

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000