CVE-2026-3783

MEDIUM EPSS 25.1%
Published Mar 11, 20263mo ago · Modified Jun 17, 20261w ago
5.3 CVSS 3.1
Medium
Find Similar
Published Mar 11, 2026 3mo ago
Last Modified Jun 17, 2026 1w ago

Description

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with either of the `machine` or `default` keywords, curl would pass on the bearer token set for the first host also to the second one.

CVSS Details

Base Score
5.3
Exploitability
3.9
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity None
Availability None

Threat Intelligence

EPSS Exploit Probability
25.1% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-522

Affected Products 1

VendorProductVersionRange
haxxcurl*≥7.33.0  –  <8.19.0

References 4

  • openwall.com http://www.openwall.com/lists/oss-security/2026/03/11/2
    Mailing ListThird Party Advisory
  • curl.se https://curl.se/docs/CVE-2026-3783.html
    PatchVendor Advisory
  • curl.se https://curl.se/docs/CVE-2026-3783.json
    Vendor Advisory
  • hackerone.com https://hackerone.com/reports/3583983
    ExploitIssue TrackingThird Party Advisory

Remediation

  • curl.se https://curl.se/docs/CVE-2026-3783.html
    PatchVendor Advisory