Is CVE-2026-28367 actively exploited?

CVE-2026-28367 has no public evidence of in-the-wild exploitation as of 2026-04-10.

What is the CVSS score for CVE-2026-28367?

CVE-2026-28367 has a CVSS score of 8.7 (HIGH severity). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N.

How do I patch CVE-2026-28367?

Patch guidance is available from redhat security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2026-28367.

Fix CVE-2026-28367 - HIGH | CVEDatabase.com

Q: Which products are affected by CVE-2026-28367?

10 products: redhat build of apache camel - hawtio, redhat build of apache camel for spring boot, redhat data grid, redhat fuse, redhat jboss enterprise application platform, and 5 more.

Description

A flaw was found in Undertow. A remote attacker can exploit this vulnerability by sending `\r\r\r` as a header block terminator. This can be used for request smuggling with certain proxy servers, such as older versions of Apache Traffic Server and Google Cloud Classic Application Load Balancer, potentially leading to unauthorized access or manipulation of web requests.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
Attack Vector: network
Complexity: high
Privileges: none
User Action: none
Scope: changed
Confidentiality: high
Integrity: high
Availability: none
Weaknesses: CWE-444

Metadata

Primary Vendor: REDHAT
Published: 3/27/2026
Last Modified: 4/10/2026
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

redhat : build_of_apache_camel_-_hawtioredhat : build_of_apache_camel_for_spring_bootredhat : data_gridredhat : fuseredhat : jboss_enterprise_application_platformredhat : jboss_enterprise_application_platformredhat : jboss_enterprise_application_platform_expansion_packredhat : process_automationredhat : single_sign-onredhat : undertow

Remediation Guidance

Executive Summary

View on NIST NVD