CVE-2026-3805

HIGH

Exploit for Use After Free in Haxx Curl

Details

CVSS v3: 7.5
NVD published: 2026-03-11 11:16:00
EPSS: <0.1% probability · 11.8th percentile — 2026-04-11
Affected versions: cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*
Summary: When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.
Remediation: Not available in our cache.
Exploit info: https://hackerone.com/reports/3591944

TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.

Subscribe — free email digest or paid plan

Information is aggregated from multiple authoritative sources for convenience; verify with NVD and vendors before operational decisions.