Product
A high-severity vulnerability, CVE-2026-38969, exists in Ruby WEBrick versions up to v1.9.2 due to improper re-parsing of the 'trailer Content-Length' header, enabling HTTP request smuggling that attackers can exploit to bypass security controls and gain unauthorized access or execute arbitrary requests.