JFrog Security identified a critical vulnerability, CVE-2021-40346, in HAProxy, a widely used open-source load balancer, which could lead to an HTTP Request Smuggling attack due to an integer overflow. This vulnerability, with a CVSSv3 score of 8.6, allows attackers to bypass security controls, access sensitive data, execute unauthorized commands, and more by sending specially crafted HTTP requests that exploit parsing inconsistencies between frontend and backend servers. The issue is rooted in HAProxy's handling of Content-Length headers and was responsibly disclosed, with fixes incorporated in versions 2.0.25, 2.2.17, 2.3.14, and 2.4.4. Users unable to upgrade can apply configuration changes to mitigate the risk. The discovery highlights the importance of thorough security audits and automated detection tools for identifying potential vulnerabilities in widely deployed software.
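As an added example (not code from JFrog or the HAProxy project), the helper below triages `haproxy -v` banners against the fixed releases listed above. The names `FIXED`, `triage` and `needs_review`, the assumed banner shape, and the sample inventory are all constructed for illustration.

```python
import re

# Fixed release per branch, exactly as listed on this page.
FIXED = {(2, 0): 25, (2, 2): 17, (2, 3): 14, (2, 4): 4}

# Assumed banner shape: "HAProxy version X.Y.Z-..." or "HA-Proxy version X.Y.Z-..."
BANNER = re.compile(r"HA-?Proxy version (\d+)\.(\d+)(?:\.(\d+))?")


def triage(banner):
    """Classify one `haproxy -v` banner against the fixed releases."""
    m = BANNER.search(banner)
    if not m:
        return "unparsed"
    major, minor, patch = m.groups()
    branch = (int(major), int(minor))
    if branch not in FIXED or patch is None:
        # Branch not named on the page, or a -dev build without a patch level:
        # the page gives no basis for a verdict, so do not guess.
        return "unknown"
    if int(patch) >= FIXED[branch]:
        return "fixed"
    # Upstream number is below the fix. Distribution packages may backport
    # fixes without changing it, so confirm against the package changelog.
    return "predates-fix"


def needs_review(inventory):
    """Return hosts whose banner is anything other than 'fixed'."""
    return sorted(host for host, banner in inventory if triage(banner) != "fixed")


# Constructed sample inventory (host names, build ids and dates are made up).
SAMPLE = [
    ("lb-01", "HAProxy version 2.4.4-0000000 2021/09/07 - https://haproxy.org/"),
    ("lb-02", "HA-Proxy version 2.0.24 2021/08/17 - https://haproxy.org/"),
    ("lb-03", "HAProxy version 2.3.14-0000000 2021/09/07 - https://haproxy.org/"),
    ("lb-04", "HAProxy version 2.5-dev5 2021/08/20 - https://haproxy.org/"),
    ("lb-05", "nginx version: nginx/1.20.1"),
]

if __name__ == "__main__":
    for host, banner in SAMPLE:
        print(host, triage(banner))
```

Hosts reported as `unknown` or `unparsed` are returned for review rather than assumed safe, since the page only names fixes for the 2.0, 2.2, 2.3 and 2.4 branches.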