HackerFeeds
All CVEs

CVE-2026-11564

CRITICAL9.1

Published 2026-07-03 · Updated 2026-07-06 · Source 2499f714-1537-4658-8207-48ae4bb9eae9

Description

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA material for a later transfer.

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

View on NVD