CVE-2026-6429

Published: Mag 13, 2026 Last Modified: Mag 13, 2026

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 5,3

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

Attack Vector: network

Attack Complexity: high

Privileges Required: low

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: none

Availability: none

Description

AI Translation Available

When asked to both use a `.netrc` file for credentials and to follow HTTP
redirects, libcurl could leak the password used for the first host to the
followed-to host under certain circumstances.

https://curl.se/docs/CVE-2026-6429.html

https://curl.se/docs/CVE-2026-6429.json

https://hackerone.com/reports/3677759

CVE-2026-6429

Description

Iscriviti alla newsletter