CVE-2025-32911
CriticalCVSS 9.0Exploitation Probability (EPSS)
Elevated risk52th percentile - higher than 52% of all known CVEs
Summary
A use-after-free vulnerability was found in the libsoup library, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.
Risk Assessment
An attacker could cause a server crash or potentially execute arbitrary code, threatening system availability and integrity.
Recommendation
Immediately update the libsoup library to a version containing the fix for this vulnerability.
Original NVD description (English source)
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.

