Ghostwire

CVE-2026-11564: libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches...

CRITICAL CVSS 0.0

Published: July 3, 2026 | Last Modified: July 3, 2026

Description

libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. An easy handle that first uses default native CA trust can continue trusting the native platform store after the application switches that same handle to custom CA material for a later transfer.

Ghostwire Analysis — What This Means Practically

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

Security Coverage (1 articles)

References