Vulnerability Details CVE-2026-12606
Eclipse Grizzly in versions before 5.0.2, cannot properly parse the trailer section in malformed trailer header's line, which can be leveraged to perform HTTP request smuggling.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 18.4%
CVSS Severity
CVSS v3 Score 5.3
Products affected by CVE-2026-12606
-
cpe:2.3:a:eclipse:grizzly:4.0.0
-
cpe:2.3:a:eclipse:grizzly:4.0.1
-
cpe:2.3:a:eclipse:grizzly:4.0.2
-
cpe:2.3:a:eclipse:grizzly:5.0.0
-
cpe:2.3:a:eclipse:grizzly:5.0.1