A vulnerability was found in envoyproxy envoy up to 1.35.10/1.36.6/1.37.2/1.38.0 . It has been declared as problematic . This affects an unknown function. Executing a manipulation can lead to http request smuggling. This vulnerability appears as CVE-2026-48743 . The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.