CVE-2026-48998 | guzzle psr7 up to 2.10.1 Message::parseRequest missing initialization (GHSA-34xg-wgjx-8xph / EUVD-2026-36239)

A vulnerability identified as problematic has been detected in guzzle psr7 up to 2.10.1. This impacts the function Message::parseRequest. The manipulation leads to missing initialization of a variable. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is traded as CVE-2026-48998. It is possible to initiate the attack remotely. There is no exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More