A vulnerability has been found in envoyproxy envoy up to 1.35.10/1.36.6/1.37.2/1.38.0 and classified as problematic . Impacted is the function c_str of the component Helper Utility . This manipulation causes improper neutralization of null byte or nul character. This vulnerability is registered as CVE-2026-47778 . Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.