Lucene search
K

10271 matches found

Nuclei
Nuclei
added yesterday93 views

Php-mod/curl Library <2.3.2 - Cross-Site Scripting

Php-mod/curl library before 2.3.2 contains a cross-site scripting vulnerability via the postfilepathupload.php key parameter and the POST data to postmultidimensional.php. An attacker can inject arbitrary script, which can allow theft of cookie-based authentication credentials and launch of other...

6.1CVSS6.5AI score0.01261EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-11352

A flaw was found in curl and libcurl. A malicious HTTP/3 server can exploit an issue in the QUIC UDP receive function by continuously streaming empty UDP datagrams. This can lead to a remote denial of service DoS against a curl or libcurl client, as the helper function discards zero-length UDP...

7.5CVSS6.1AI score0.0075EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-12064

A flaw was found in curl. When a user invokes curl with a schemeless URL and specifies SFTP SSH File Transfer Protocol or SCP Secure Copy Protocol as the default protocol, the tool layer fails to initialize critical SSH security options. This bypasses host verification, allowing curl to connect t...

7.5CVSS5.9AI score0.0048EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-8286

A flaw was found in curl. When a new data transfer attempts to upgrade its connection using STARTTLS, it may incorrectly reuse an existing live connection. This reuse can occur even if the Transport Layer Security TLS configuration of the new transfer does not match the existing connection,...

8.1CVSS5.8AI score0.00413EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-8925

A flaw was found in curl. The logic handling SASL Simple Authentication and Security Layer authentication could lead to a double-free vulnerability. This occurs because the GSASL context may be deallocated twice without clearing the pointer, potentially leading to memory corruption. An attacker...

9.8CVSS6AI score0.00765EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-8927

A flaw was found in libcurl. When reusing a libcurl handle for sequential transfers with environment-variable proxy configuration, the library does not properly clear the proxy authentication state. This oversight can lead to the unintended disclosure of Proxy-Authorization headers to an incorrec...

9.1CVSS5.8AI score0.00589EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-8926

A flaw was found in curl. When curl is configured to use a .netrc file for credentials and a URL is provided with a username but no password, curl may incorrectly retrieve and use the password for a different user from the .netrc file for the same host. This could lead to unauthorized information...

9.1CVSS5.8AI score0.00479EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago6 views

CVE-2026-9079

A flaw was found in curl. When libcurl is instructed to clear proxy authentication credentials, it fails to do so, leaving the old credentials available. This could lead to the unintended reuse of sensitive proxy authentication credentials for subsequent network transfers, potentially resulting i...

9.8CVSS5.8AI score0.00754EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-8932

A flaw was found in curl. The libcurl library, used for transferring data with URLs, could improperly reuse existing network connections. This occurred even when changes to mutual Transport Layer Security mTLS settings, particularly those for client certificates, should have prevented such reuse...

7.5CVSS6AI score0.00281EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-9080

A flaw was found in libcurl. When curleasypause is called within the event-based CURLMOPTSOCKETFUNCTION callback, a use-after-free vulnerability is triggered. This occurs because libcurl attempts to store a flag using a pointer to memory that has already been freed. An attacker could potentially...

7.3CVSS6AI score0.00407EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2 days ago4 views

CVE-2026-9547

A flaw was found in curl. When a libcurl-based application uses SCP:// or SFTP:// for transfers and employs the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This occurs if the server's host key type differs from the one stored in the knownhosts file. The callback...

7.4CVSS5.8AI score0.00384EPSS
Exploits1References6
Snyk
Snyk
added 5 days ago6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the curleasycleanup process after configuring an HTTP/2 stream-dependency tree using CURLOPTSTREAMDEPENDS or CURLOPTSTREAMDEPENDSE and invoking curleasyreset. An attacker can cause the application to access freed memor...

9.8CVSS6.2AI score0.00631EPSS
Exploits1References2
Snyk
Snyk
added 5 days ago5 views

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop in the udpreceive process. An attacker can cause the client to enter a busy-loop and become unresponsive by continuously sending zero-length UDP datagrams from a malicious HTTP/3 server. Remediation Upgrade libcurl to...

8.7CVSS6.2AI score0.0075EPSS
Exploits1References2
Snyk
Snyk
added 5 days ago5 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in the connection pool process. An attacker can bypass intended certificate validation by reusing a handle that initially used the default native CA trust and then switching it to custom CA...

9.1CVSS6AI score0.00479EPSS
Exploits1References2
Snyk
Snyk
added 5 days ago6 views

Use After Free

Overview Affected versions of this package are vulnerable to Use After Free in the CURLMOPTSOCKETFUNCTION callback when curleasypause is called. An attacker can execute arbitrary code or cause a denial of service by triggering the use of a dangling pointer after memory has been freed. Remediation...

8.8CVSS6.2AI score0.00407EPSS
Exploits1References2
Snyk
Snyk
added 5 days ago5 views

Insertion of Sensitive Information Into Sent Data

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the process of reusing a handle for sequential transfers with environment-variable proxy configuration. An attacker can cause sensitive authentication headers to be sent to an...

9.1CVSS6AI score0.00589EPSS
Exploits1References2
NVD
NVD
added 5 days ago6 views

CVE-2026-8927

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the initial transfer authenticates against proxyA using Digest auth, a subsequent transfer routed...

9.1CVSS0.00589EPSS
Exploits1References3
NVD
NVD
added 5 days ago6 views

CVE-2026-8926

When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a usernamewithout a password, like https://[email protected]/, curl could wrongly get and use the password for another user set in the .netrc file for that host if such a one exists and there is no...

9.1CVSS0.00479EPSS
Exploits1References3
NVD
NVD
added 5 days ago7 views

CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS0.00407EPSS
Exploits1References3
OSV
OSV
added 5 days ago3 views

ALPINE-CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.9AI score0.00407EPSS
Exploits1References1
Rows per page
Query Builder