← All advisoriesImportant severity7.5NVD Advisory· Published Jun 26, 2026envoy: Envoy: Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translationCVE-2026-48743Descriptionenvoy: Envoy: Request desynchronization allows security policy bypass via HTTP/3 to HTTP/1 translationAffected products1Envoy/envoyllm-fuzzyPatchesVulnerability mechanicsNews mentions0No linked articles in our index yet.