A vulnerability was found in Varnish Enterprise up to 6.0.16r11 and classified as problematic . This affects the function headerplus.write_req0 of the component Header Field Handler . Executing a manipulation can lead to allocation of resources. This vulnerability is handled as CVE-2026-40395 . The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.