All CVEs View on NVD
CVE-2026-11564
CRITICAL9.1
Published 2026-07-03 · Updated 2026-07-06 · Source 2499f714-1537-4658-8207-48ae4bb9eae9
Description
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA material for a later transfer.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

