HTTP Request Smuggling Vulnerability Identified in Starman Web Server
A new security vulnerability, CVE-2026-40560, has been disclosed in Starman Perl web server versions prior to 0.4018. This flaw allows for HTTP Request Smuggling due to improper header precedence, where 'Content-Length' is incorrectly prioritized over 'Transfer-Encoding: chunked'. An attacker could potentially exploit this to inject malicious HTTP requests through a front-end reverse proxy.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.