Connection Reuse Vulnerability in libcurl Affects Multiple Applications
CVE-2026-8458
Currently unrated
What is CVE-2026-8458?
A logical error in libcurl may lead to the improper reuse of connections in specific scenarios involving Negotiate authentication. This bug allows applications to mistakenly use a previously established connection intended for a different service, possibly compromising security. Implementing proper checks for connection criteria is critical to avoid potential exploitation of this vulnerability.
Affected Version(s)
curl 8.20.0
curl 8.19.0
curl 8.18.0
