Lucene search
K

4 matches found

OSV
OSV
added 2026/07/03 6:14 a.m.3 views

CVE-2026-8458 wrong reuse for different services

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

6.5CVSS6.1AI score0.00543EPSS
Exploits1References5
OSV
OSV
added 2026/06/24 8:0 a.m.10 views

CURL-CVE-2026-8458 wrong reuse for different services

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different "services". libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When...

6.5CVSS5.8AI score0.00543EPSS
Exploits1
ATTACKERKB
ATTACKERKB
added 2026/05/13 8:27 a.m.15 views

CVE-2026-5545

libcurl might in some circumstances reuse the wrong connection when asked to do an authenticated HTTPS request after a Negotiate-authenticated one, when both use the same host. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid...

5.8AI score0.00414EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/04/24 1:46 a.m.6 views

CVE-2026-32952

go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport. Version 0.1.1 patches the issue...

7.5CVSS5.3AI score0.01027EPSS
Exploits0
Rows per page
Query Builder