CVE-2026-11564
EUVD-2026-4149903.07.2026, 07:16
libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA material for a later transfer.Enginsight
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| curl | curl | 𝑥 ≤ 8.20.0 | CNA |
| curl | curl | 𝑥 ≤ 8.19.0 | CNA |
| curl | curl | 𝑥 ≤ 8.18.0 | CNA |
| curl | curl | 𝑥 ≤ 8.17.0 | CNA |
Debian Releases
Vulnerability Media Exposure