GHSA-hf82-6jff-f22v
This vulnerability in libcurl involves the reuse of previously established connections from a connection pool. An easy handle that first performed a transfer trusting the native platform's CA store may, on a later transfer configured to use custom CA certificates, reuse a pooled connection that was validated against the native store, so the custom CA configuration is never applied to that connection. This behavior can lead to unintended trust decisions during TLS connections.
AI Analysis
Technical Summary
libcurl maintains a connection pool and reuses an existing connection for a subsequent transfer when that connection matches the transfer's setup. Certificate validation happens once, at the TLS handshake; a reused connection is not validated again. When an easy handle first transfers with the default native CA trust store and later switches to custom CA material for the same host, the pool can still hand back the connection that was validated against the native store, which means the reuse check does not treat the change of CA source as disqualifying. The handle therefore keeps accepting whatever the native store trusted, despite the application's intent to validate only against its own CA material.
Potential Impact
On a reused connection, libcurl may keep trusting certificates that chain to the native platform CA store even after the application has switched the handle to custom CA certificates. An application that installs a private or pinned CA, expecting only certificates issued under it to be accepted, can for the lifetime of that pooled connection still be talking to a server presenting any certificate the native store trusts. This undermines the application's security policy regarding certificate validation.
Mitigation Recommendations
Patch status is not yet confirmed; check the vendor advisory for current remediation guidance. Until a fixed release is available, do not reuse an easy handle across transfers with different CA trust configurations: use one handle per trust configuration, or call curl_easy_cleanup() and create a new handle before changing CA options. If a handle must be reconfigured in place, set CURLOPT_FRESH_CONNECT on the first transfer after the change (and CURLOPT_FORBID_REUSE on the last transfer before it) so that no pooled connection can serve the new configuration; these are standard libcurl options rather than steps taken from the advisory. Note that the pool is shared across all easy handles attached to the same multi handle, and across handles that share connections through curl_share, so the same care applies there.
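The following C program is an added illustration, not libcurl source and not code from the advisory. It models a connection pool whose reuse key omits the CA trust source, runs the sequence described above (a native-store transfer, then a custom-CA transfer to the same host on the same handle), and shows both the corrected reuse key and the application-side workaround of forcing a fresh connection. All names (tls_config, run_scenario, the host and bundle path) are invented; the flawed key here ignores the whole trust configuration for simplicity, whereas libcurl's real matching is more detailed and this page does not name the specific field that went unchecked.

```c
/* Added illustrative model of the reuse problem; not libcurl source and not
 * code from the advisory. Field and function names are invented. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Where the CA material that validates a handshake comes from. */
enum ca_source { CA_NATIVE_STORE, CA_CUSTOM_FILE };

/* Per-transfer TLS trust settings, loosely modelled on CURLSSLOPT_NATIVE_CA,
 * CURLOPT_CAINFO and CURLOPT_FRESH_CONNECT (hypothetical struct). */
struct tls_config {
    enum ca_source source;
    const char *cainfo;  /* custom CA bundle path, NULL when using the native store */
    bool fresh_connect;  /* demand a new connection even if the pool has a match */
};

/* A pooled connection remembers the trust settings in force at its handshake.
 * Validation happens once, here; reuse never re-validates. */
struct conn {
    bool in_use;
    char host[64];
    int port;
    struct tls_config validated_with;
};

#define POOL_SIZE 4
struct pool {
    struct conn slots[POOL_SIZE];
    bool match_ca_source; /* false: flawed reuse key; true: corrected reuse key */
    int handshakes;       /* real TLS validations performed */
};

/* Reuse key. The flawed key compares only the endpoint; the corrected key
 * also requires the same CA source and the same custom bundle path. */
static bool key_matches(const struct pool *p, const struct conn *c,
                        const char *host, int port, const struct tls_config *cfg)
{
    if (!c->in_use || c->port != port || strcmp(c->host, host) != 0)
        return false;
    if (!p->match_ca_source)
        return true;
    const char *a = c->validated_with.cainfo ? c->validated_with.cainfo : "";
    const char *b = cfg->cainfo ? cfg->cainfo : "";
    return c->validated_with.source == cfg->source && strcmp(a, b) == 0;
}

/* One transfer: reuse a matching pooled connection unless a fresh one was
 * demanded; otherwise handshake and pool the new connection. Returns the CA
 * source that actually governed the connection used for this transfer. */
static enum ca_source transfer(struct pool *p, const char *host, int port,
                               const struct tls_config *cfg)
{
    if (!cfg->fresh_connect) {
        for (int i = 0; i < POOL_SIZE; i++) {
            const struct conn *c = &p->slots[i];
            if (key_matches(p, c, host, port, cfg))
                return c->validated_with.source;   /* reused: no new validation */
        }
    }
    for (int i = 0; i < POOL_SIZE; i++) {
        struct conn *c = &p->slots[i];
        if (!c->in_use) {
            c->in_use = true;
            snprintf(c->host, sizeof c->host, "%s", host);
            c->port = port;
            c->validated_with = *cfg;
            p->handshakes++;
            return cfg->source;
        }
    }
    p->handshakes++;               /* pool full: one-off connection, not cached */
    return cfg->source;
}

/* The advisory's sequence on one handle: native-store transfer, then a
 * custom-CA transfer to the same host. Returns the source that governed the
 * second transfer; optionally reports how many handshakes were performed. */
static enum ca_source run_scenario(bool match_ca_source, bool fresh_connect,
                                   int *handshakes_out)
{
    struct pool p = { .match_ca_source = match_ca_source };
    struct tls_config first  = { CA_NATIVE_STORE, NULL, false };
    struct tls_config second = { CA_CUSTOM_FILE, "/etc/app/private-ca.pem", fresh_connect };
    transfer(&p, "api.example.test", 443, &first);   /* constructed endpoint */
    enum ca_source got = transfer(&p, "api.example.test", 443, &second);
    if (handshakes_out)
        *handshakes_out = p.handshakes;
    return got;
}

/* Convenience: how many real handshakes the scenario performed. */
static int scenario_handshakes(bool match_ca_source, bool fresh_connect)
{
    int n = 0;
    run_scenario(match_ca_source, fresh_connect, &n);
    return n;
}

int main(void)
{
    static const char *const label[] = { "NATIVE store still trusted", "custom CA applied" };
    printf("flawed key, reuse allowed: %s after %d handshake(s)\n",
           label[run_scenario(false, false, NULL)], scenario_handshakes(false, false));
    printf("corrected key:             %s after %d handshake(s)\n",
           label[run_scenario(true, false, NULL)], scenario_handshakes(true, false));
    printf("flawed key, fresh connect: %s after %d handshake(s)\n",
           label[run_scenario(false, true, NULL)], scenario_handshakes(false, true));
    return 0;
}
```

With the flawed key the second transfer completes after a single handshake and is still governed by the native store; the corrected key and the fresh-connect workaround both force a second handshake under the custom CA. In real libcurl the equivalent of fresh_connect is CURLOPT_FRESH_CONNECT on the transfer that follows the CA change.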
Technical Details
- Gcve Source: db.gcve.eu
- Osv Id: GHSA-hf82-6jff-f22v
- Osv Schema Version: 1.4.0
- Aliases: ["CVE-2026-11564"]
- Ecosystems: []
- Database Specific Severity: null
- Cvss Version: null
Threat ID: 6a483cb627e9c79719d8210e
Added to database: 07/03/2026, 22:50:30 UTC
Last enriched: 07/03/2026, 23:03:46 UTC
Last updated: 07/04/2026, 01:54:18 UTC