CVE-2026-4873 - Vulnerability Details

A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SMTP, or POP3), a subsequent request to that same host bypasses the TLS requirement and instead transmit data unencrypted.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Curl	Curl
Haxx	Curl

Configuration 1 [-]

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2026/04/29/7
https://curl.se/docs/CVE-2026-4873.html
https://curl.se/docs/CVE-2026-4873.json
https://hackerone.com/reports/3621851
https://nvd.nist.gov/vuln/detail/CVE-2026-4873
https://www.cve.org/CVERecord?id=CVE-2026-4873

History

Thu, 14 May 2026 14:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Haxx Haxx curl
Weaknesses		CWE-295
CPEs		cpe:2.3:a:haxx:curl::::::::
Vendors & Products		Haxx Haxx curl

Wed, 13 May 2026 20:15:00 +0000

Type	Values Removed	Values Added
Metrics	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N'}`	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}` cvssV3_1 `{'score': 5.9, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N'}`

Wed, 13 May 2026 15:30:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2026/04/29/7

Wed, 13 May 2026 09:15:00 +0000

Type	Values Removed	Values Added
Description	A flaw was found in curl. A remote attacker could exploit this by initiating an unencrypted connection (via IMAP, SMTP, or POP3) and then making a subsequent request to the same host that requires Transport Layer Security (TLS). Due to incorrect connection reuse, the subsequent request would bypass the TLS requirement, leading to the transmission of sensitive information in cleartext. This vulnerability, categorized as Cleartext Transmission of Sensitive Information (CWE-319), results in information disclosure.	A vulnerability exists where a connection requiring TLS incorrectly reuses an existing unencrypted connection from the same connection pool. If an initial transfer is made in clear-text (via IMAP, SMTP, or POP3), a subsequent request to that same host bypasses the TLS requirement and instead transmit data unencrypted.
Title	curl: curl: Information disclosure due to incorrect TLS connection reuse	connection reuse ignores TLS requirement
References		https://curl.se/docs/CVE-2026-4873.json https://hackerone.com/reports/3621851

Fri, 01 May 2026 01:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Curl Curl curl
Vendors & Products		Curl Curl curl

Fri, 01 May 2026 00:15:00 +0000

Type	Values Removed	Values Added
Description		A flaw was found in curl. A remote attacker could exploit this by initiating an unencrypted connection (via IMAP, SMTP, or POP3) and then making a subsequent request to the same host that requires Transport Layer Security (TLS). Due to incorrect connection reuse, the subsequent request would bypass the TLS requirement, leading to the transmission of sensitive information in cleartext. This vulnerability, categorized as Cleartext Transmission of Sensitive Information (CWE-319), results in information disclosure.
Title		curl: curl: Information disclosure due to incorrect TLS connection reuse
Weaknesses		CWE-319
References		https://curl.se/docs/CVE-2026-4873.html https://nvd.nist.gov/vuln/detail/CVE-2026-4873 https://www.cve.org/CVERecord?id=CVE-2026-4873
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N'}` threat_severity `Moderate`

MITRE

Status: PUBLISHED

Assigner: curl

Published: 2026-05-13T08:27:04.538Z

Updated: 2026-05-13T19:30:04.825Z

Reserved: 2026-03-26T05:38:02.098Z

Link: CVE-2026-4873

Vulnrichment

Updated: 2026-05-13T09:05:12.559Z

NVD

Status : Analyzed

Published: 2026-05-13T13:01:55.893

Modified: 2026-05-14T13:45:11.407

Link: CVE-2026-4873

Redhat

Severity : Moderate

Publid Date: 2026-04-29T00:00:00Z

Links: CVE-2026-4873 - Bugzilla

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object