Tech Jun 5, 2026 10 min Request smuggling vs request splitting in Spring Boot: what to check for each Two CRLF-adjacent bugs, two different checks. Smuggling is a proxy↔Tomcat HTTP/1.1 framing mismatch (tomcat-embed-core version, CVE-2026-24880); splitting is CRLF in sendRedirect/setHeader/RestTemplate. With a grep checklist. Security Spring Java Vulnerability
