WEBrick 1.9.2 Request Smuggling via Content-Length Reparse
CVE-2026-38969 Published on July 2, 2026
ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling.