A security researcher discovered a critical HTTP desync vulnerability in Discord's media proxy that allowed attackers to hijack shared GCP connections and potentially spy on user data. The vulnerability enabled injection of malicious HTTP requests that could capture and upload other users' media content to an attacker-controlled bucket. Discord has since patched this serious security flaw.
Background
HTTP desync attacks exploit inconsistencies in how servers handle HTTP requests, allowing attackers to inject malicious content and potentially access sensitive data. Discord uses a media proxy service to handle user uploads and downloads through Google Cloud Platform storage buckets.
- Source: Lobsters
- Published: Apr 17, 2026 at 07:59 PM
- Score: 8.0 / 10