🟠 High  |  Source: Microsoft Security Response Center


CVE-2026-15711 is a denial-of-service vulnerability in libsoup, an HTTP client/server library used in Linux-based environments, affecting its WebSocket implementation. An attacker can send an oversized WebSocket control frame that violates protocol rules, causing the connection to crash or become unresponsive. This matters because libsoup is widely used in applications running on Azure and Linux-based cloud workloads, meaning exposed services could be taken offline without authentication.

Security Architect’s Take: Identify any Azure-hosted Linux workloads or containerised applications that depend on libsoup for WebSocket or HTTP handling, and prioritise patching to the fixed library version. Consider adding network-level controls such as Web Application Firewall rules or API Gateway protections to restrict oversized or malformed WebSocket frames as a compensating control until patches are applied.

Original advisory: CVE-2026-15711 Libsoup: soupwebsocketconnection: libsoup: websocket remote denial of service via oversized control frame protocol violation