Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.0 MEDIUM
CVE-2026-47898 — Apache Lucene.Net: XXE vulnerability in Lucene.Net.Analysis.Common PatternParser

Improper Restriction of XML External Entity Reference vulnerability in Apache Lucene.Net (Lucene.Net.Analysis.Common library). This issue affects Apache Lucene.Net.Analysis.Common: from 4.8.0-beta00…

lucene.net | XML External Entity
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
8.9 HIGH
CVE-2026-47897 — Apache Lucene.Net: Arbitrary file write from malicious server to Lucene.Net.Replicator cl…

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Apache Lucene.Net (Lucene.Net.Replicator library). This issue affects Apache Lucene.Net.Replicator: fr…

lucene.net | Remote | Path Traversal
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
9.8 CRITICAL
CVE-2026-14544 — Hplip: incomplete fix for cve-2026-8631

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary co…

enterprise_linux enterprise_linux | Remote | Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-9547 — SSH improper host validation

When a libcurl-based application performs transfers via `SCP://` or `SFTP://` and utilizes the `CURLOPT_SSH_KEYFUNCTION` callback, it may silently accept an untrusted server. This vulnerability occur…

curl | Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-9546 — sending old referer

A vulnerability in libcurl caused the HTTP `Referer:` header to persist even when explicitly cleared. While the documentation states that passing NULL to `CURLOPT_REFERER` suppresses the header, the …

curl | Information Disclosure
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-9545 — exposing HTTP/3 early data

In this scenario, libcurl first uses a proper HTTP/3 server for the initial transfers, and when it makes a second transfer to the same site it has been replaced by the attacker's impostor machine - w…

curl | Misconfiguration
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-9080 — UAF after pause in socket callback

Calling `curl_easy_pause()` within the event-based `CURLMOPT_SOCKETFUNCTION` callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer i…

curl | Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-9079 — stale proxy password leak

libcurl had a flaw that when instructed to clear proxy authentication credentials which made it not do so, leaving the old credentials around to get used for subsequent transfers that should not know…

curl | Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8932 — incomplete mTLS config matching in conn reuse

libcurl would reuse a previously created connection even when some mTLS config related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a conne…

curl | Misconfiguration
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8927 — env-set cross-proxy Digest auth state leak

When reusing a libcurl handle for sequential transfers driven by environment-variable proxy configuration, libcurl fails to clear the proxy authentication state between requests. Specifically, if the…

curl | Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8926 — password leak with netrc and user in URL

When asking curl to use a `.netrc` file to find credentials and at the same time specifying a URL with a username(without a password), like `https://[email protected]/`, curl could wrongly get and use…

curl | Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8925 — SASL double-free

The curl logic that works with SASL authentication could end up cleaning up the GSASL context *twice* without clearing the pointer in between, making it `free()` the same pointer twice.

curl | Memory Corruption
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8924 — trailing dot domain super cookie

A flaw in curl’s cookie parsing logic allows a malicious HTTP server to set 'super cookies' that bypass the Public Suffix List check. This enables an attacker-controlled origin to inject cookies that…

curl | Misconfiguration
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8458 — wrong reuse for different services

libcurl might in some circumstances reuse the wrong connection when asked to do Negotiate-authenticated ones, even when they are set to use different 'services'. libcurl features a pool of recent co…

curl | Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-8286 — wrong STARTTLS connection reuse

A vulnerability exists where a new transfer that uses STARTTLS to upgrade the connection might reuse an existing live connection even though the TLS configuration mismatches so it should not.

curl | Cryptography
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
7.5 HIGH
CVE-2026-4967 — IMS Out-of-Bounds Read Remote Denial of Service

In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.

| Denial of Service
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-12064 — proto-default skips SSH verification

When a user invokes curl using a schemeless URL combined with `--proto-default` sftp (or scp), a disconnect occurs between the tool layer and libcurl. The tool layer incorrectly infers the URL scheme…

curl | Misconfiguration
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-11856 — cross-origin Digest auth state leak

Successfully using libcurl to do a transfer to a specific HTTP origin (`hostA`) with **Digest** authentication and then changing the origin to a different one (`hostB`) for a second transfer, reusing…

curl | Authentication
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-11586 — WS Auto-PONG memory exhaustion

By default, curl automatically responds to WebSocket PING frames. Because curl lacks an upper bound on memory allocation for unacknowledged frames, a malicious server can exhaust all available memory…

curl | Denial of Service
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
0.0 NA
CVE-2026-11564 — Native CA trust persist

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue…

curl | Misconfiguration
Jul 03, 2026 Jul 03, 2026
Jul 03, 2026
Jul 03, 2026
Showing 20 of 8017 Results