CVE-2025-32094: HTTP Request Smuggling Via OPTIONS + Obsolete Line Folding
Akamai Technologies, Wednesday, August 6th, 2025
In March 2025, Akamai received a bug bounty report identifying an HTTP Request Smuggling vulnerability. We quickly resolved the issue for all customers via a platform-wide fix with no evidence of any successful exploitation of the attack vector known to us.
We provided our customers with regular updates about this vulnerability; however, as per our agreement with the bug bounty reporter, James Kettle from PortSwigger, we delayed sharing the full details publicly to align with the reporter's plans for publication of related research at BlackHat 2025.