A vulnerability categorized as problematic has been discovered in envoyproxy envoy up to 1.37.4/1.38.2 . Affected is an unknown function of the component Host Header Handler . The manipulation results in null pointer dereference. This vulnerability is known as CVE-2026-47220 . It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.