Resource exhaustion in Red Hat Enterprise Linux 10

CVE-2026-15711

A vulnerability was found in libsoup's WebSocket frame parsing implementation. The library fails to validate length rules specified in RFC 6455 §5.5, which mandates that all WebSocket control frames (e.g., PING, PONG, CLOSE) contain a payl…

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2026-15711?
CVE-2026-15711 is a high-severity vulnerability in Red Hat Enterprise Linux 10, classified under Allocation of Resources Without Limits or Throttling. CVSS score: 7.5/10. Published 2026-07-14.
How severe is CVE-2026-15711?
High severity. CVSS v3 base score is 7.5 out of 10.