CVE-2026-3783

5.3 MEDIUM
Published: March 11, 2026
Modified: March 12, 2026

Description

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer follows a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has an entry in the .netrc file in use, matched by either the `machine` or the `default` keyword, curl would also pass the bearer token set for the first host on to the second one.
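As an added defender-side example (not code from the curl advisory or from curl itself), the following Python models the trigger condition stated above: a redirect lands on a different hostname, and the .netrc in use has a `machine` entry for that hostname or a `default` entry. It uses a constructed sample .netrc and assumes a simplified model in which a redirect to the same hostname is not counted; it is useful for auditing whether a given .netrc plus a redirect chain would have met the condition.

```python
import netrc
import tempfile
from urllib.parse import urlsplit

# Constructed sample .netrc (not from the advisory): one explicit machine
# entry plus a catch-all default entry, which matches every other host.
SAMPLE_NETRC = """\
machine api.internal.example login svc password s3cret
default login anon password anon@example
"""


def write_sample_netrc():
    """Write the constructed sample to a private temp file and return its path."""
    f = tempfile.NamedTemporaryFile("w", suffix=".netrc", delete=False)
    f.write(SAMPLE_NETRC)
    f.close()
    return f.name


def netrc_matches(netrc_path, hostname):
    """Return 'machine', 'default' or None depending on how hostname is matched.

    The stdlib netrc module stores the default entry under the key 'default'.
    """
    db = netrc.netrc(netrc_path)
    if hostname in db.hosts:
        return "machine"
    if "default" in db.hosts:
        return "default"
    return None


def redirect_leaks_bearer(netrc_path, first_url, redirect_url):
    """Model the CVE-2026-3783 condition for one redirect hop.

    Assumption: the bearer token was set for first_url's host; the condition
    is met when the redirect target is a different host that .netrc matches.
    Returns (condition_met, reason).
    """
    first_host = (urlsplit(first_url).hostname or "").lower()
    second_host = (urlsplit(redirect_url).hostname or "").lower()
    if second_host == first_host:
        return False, "redirect stays on the same host"
    how = netrc_matches(netrc_path, second_host)
    if how:
        return True, f"{second_host} is matched by a .netrc '{how}' entry"
    return False, f"no .netrc entry matches {second_host}"
```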


CVSS v3.x Details

Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References to Advisories, Solutions, and Tools

https://curl.se/docs/CVE-2026-3783.html
  Tags: Patch, Vendor Advisory
  Source: 2499f714-1537-4658-8207-48ae4bb9eae9
https://curl.se/docs/CVE-2026-3783.json
  Tags: Vendor Advisory
  Source: 2499f714-1537-4658-8207-48ae4bb9eae9
https://hackerone.com/reports/3583983
  Tags: Exploit, Issue Tracking, Third Party Advisory
  Source: 2499f714-1537-4658-8207-48ae4bb9eae9
http://www.openwall.com/lists/oss-security/2026/03/11/2
  Tags: Mailing List, Third Party Advisory
  Source: af854a3a-2127-422b-91ae-364da2661108

4 references from NVD

Quick Stats

CVSS v3 Score: 5.3 / 10.0
EPSS (Exploit Probability): 0.0% (5th percentile)
Exploitation Status: Not in CISA KEV

Weaknesses (CWE)

Affected Vendors: haxx