CVE-2026-47221 | envoyproxy envoy up to 1.35.12/1.36.8/1.37.4/1.38.2 PATCH Request null pointer dereference (GHSA-rcff-gw58-pjpr)
A vulnerability, which was classified as problematic, was found in envoyproxy envoy up to 1.35.12/1.36.8/1.37.4/1.38.2. This issue affects some unknown processing of the component PATCH Request Handler. The manipulation results in null pointer dereference.
This vulnerability is cataloged as CVE-2026-47221. The attack may be launched remotely. There is no exploit available.
You should upgrade the affected component.VulDB Recent EntriesRead More