A vulnerability has been found in varnish-software Varnish Cache up to 9.0.0 and classified as problematic . The impacted element is the function timeout_linger . Performing a manipulation results in incorrect control flow. This vulnerability is known as CVE-2026-40396 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.