CVE-2026-8458
- EPSS 0.54%
- Veröffentlicht 03.07.2026 06:14:42
- Zuletzt bearbeitet 07.07.2026 23:12:17
libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent connections so that subsequent requests can reuse an ...
CVE-2026-8286
- EPSS 0.52%
- Veröffentlicht 03.07.2026 06:14:17
- Zuletzt bearbeitet 07.07.2026 19:42:11
A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not.
CVE-2026-12064
- EPSS 0.57%
- Veröffentlicht 03.07.2026 06:13:55
- Zuletzt bearbeitet 07.07.2026 19:43:11
When a user invokes curl using a schemeless URL combined with `--proto-default` sftp (or scp), a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme, which erroneously bypasses the initialization of ...
CVE-2026-11856
- EPSS 1.06%
- Veröffentlicht 03.07.2026 06:13:31
- Zuletzt bearbeitet 07.07.2026 19:43:55
Successfully using libcurl to do a transfer to a specific HTTP origin (`hostA`) with **Digest** authentication and then changing the origin to a different one (`hostB`) for a second transfer, reusing the same handle, makes libcurl wrongly pass on the...
CVE-2026-11586
- EPSS 0.86%
- Veröffentlicht 03.07.2026 06:13:04
- Zuletzt bearbeitet 07.07.2026 17:59:46
By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory by flooding curl with rapid, sequential PING messa...
CVE-2026-11564
- EPSS 0.61%
- Veröffentlicht 03.07.2026 06:12:35
- Zuletzt bearbeitet 07.07.2026 18:00:35
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the appli...
CVE-2026-11352
- EPSS 1.01%
- Veröffentlicht 03.07.2026 06:12:10
- Zuletzt bearbeitet 07.07.2026 18:01:19
An issue in curl’s QUIC UDP receive function allows a malicious HTTP/3 server to trigger a remote denial of service against a curl or libcurl client. Because the helper function discards zero-length UDP datagrams before counting them toward the per-c...
CVE-2026-10536
- EPSS 0.89%
- Veröffentlicht 03.07.2026 06:11:15
- Zuletzt bearbeitet 07.07.2026 18:02:03
A use-after-free vulnerability exists in libcurl when an application configures an HTTP/2 stream-dependency tree via `CURLOPT_STREAM_DEPENDS` or `CURLOPT_STREAM_DEPENDS_E`, subsequently invokes `curl_easy_reset()`, and finally terminates the handle w...
CVE-2026-7168
- EPSS 0.47%
- Veröffentlicht 13.05.2026 08:29:08
- Zuletzt bearbeitet 14.05.2026 14:12:48
Successfully using libcurl to do a transfer over a specific HTTP proxy (`proxyA`) with **Digest** authentication and then changing the proxy host to a second one (`proxyB`) for a second transfer, reusing the same handle, makes libcurl wrongly pass on...
CVE-2026-7009
- EPSS 0.27%
- Veröffentlicht 13.05.2026 08:28:53
- Zuletzt bearbeitet 14.05.2026 14:17:05
When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine.