Denial of Service Vulnerability in Varnish Cache by Varnish Software
CVE-2026-40394
4 MEDIUM
What is CVE-2026-40394?
Varnish Cache versions prior to 9.0.1 and Varnish Enterprise versions prior to 6.0.16r11 are vulnerable to a denial of service caused by a 'workspace overflow'. The issue arises when an HTTP/2 session starts on a speculative HTTP/1 transport and then transitions to h2. During this transition, the buffer allocation for sending client frames can disrupt the original workspace. If a high volume of prefetched data is present, subsequent fetch operations may exceed the capacity of the workspace, potentially causing the daemon to panic.
Affected Version(s)
Varnish Cache 9.0.0 < 9.0.1
