CVE-2026-9546
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
03/07/2026
Última modificación:
03/07/2026
Descripción
*** Pendiente de traducción *** A vulnerability in libcurl caused the HTTP `Referer:` header to persist even<br />
when explicitly cleared. While the documentation states that passing NULL to<br />
`CURLOPT_REFERER` suppresses the header, the option failed to clear the<br />
internal state. As a result the previous referrer string was erroneously<br />
reused and sent in subsequent requests, potentially leaking sensitive<br />
information to unintended servers.



