9.8

CVE-2026-11856

Exploit

cross-origin Digest auth state leak

Successfully using libcurl to do a transfer to a specific HTTP origin
(`hostA`) with **Digest** authentication and then changing the origin to a
different one (`hostB`) for a second transfer, reusing the same handle, makes
libcurl wrongly pass on the  `Authorization:` header field meant for `hostA`,
to `hostB`.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HaxxCurl Version >= 7.10.6 < 8.21.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.06% 0.607
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-294 Authentication Bypass by Capture-replay

A capture-replay flaw exists when the design of the product makes it possible for a malicious user to sniff network traffic and bypass authentication by replaying it to the server in question to the same effect as the original message (or with minor changes).

https://hackerone.com/reports/3793260
Third Party Advisory
Exploit
Issue Tracking
https://curl.se/docs/CVE-2026-11856.html
Patch
Vendor Advisory
https://curl.se/docs/CVE-2026-11856.json
Vendor Advisory