CVE-2026-11564

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
03/07/2026
Last modified:
03/07/2026

Description

libcurl keeps previously used connections in a connection pool for subsequent<br /> transfers to reuse if one of them matches the setup.<br /> <br /> An easy handle that first uses default native CA trust can continue trusting<br /> the native platform store after the application switches that same handle to<br /> custom CA material for a later transfer.

Impact