CVE-2026-6276

Published: Mag 13, 2026 Last Modified: Mag 13, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

Using libcurl, when a custom `Host:` header is first set for an HTTP request
and a second request is subsequently done using the same *easy handle* but
without the custom `Host:` header set, the second request would use stale
information and pass on cookies meant for the first host in the second
request. Leak them.

https://curl.se/docs/CVE-2026-6276.html
https://curl.se/docs/CVE-2026-6276.html
https://curl.se/docs/CVE-2026-6276.json
https://curl.se/docs/CVE-2026-6276.json
https://hackerone.com/reports/3671818
https://hackerone.com/reports/3671818
http://www.openwall.com/lists/oss-security/2026/04/29/13
http://www.openwall.com/lists/oss-security/2026/04/29/13