{
  "schema_version": "1.5.0",
  "id": "CURL-CVE-2026-11564",
  "aliases": [
    "CVE-2026-11564"
  ],
  "summary": "Native CA trust persist",
  "modified": "2026-06-24T10:06:45.00Z",
  "database_specific": {
    "package": "curl",
    "affects": "lib",
    "URL": "https://curl.se/docs/CVE-2026-11564.json",
    "www": "https://curl.se/docs/CVE-2026-11564.html",
    "issue": "https://hackerone.com/reports/3788984",
    "CWE": {
      "id": "CWE-295",
      "desc": "Improper Certificate Validation"
    },
    "last_affected": "8.20.0",
    "severity": "Low"
  },
  "published": "2026-06-24T08:00:00.00Z",
  "affected": [
    {
      "ranges": [
        {
           "type": "SEMVER",
           "events": [
             {"introduced": "8.17.0"},
             {"fixed": "8.21.0"}
           ]
        },
        {
           "type": "GIT",
           "repo": "https://github.com/curl/curl.git",
           "events": [
             {"introduced": "eefd03c572996e5de4dec4fe295ad6f103e0eefc"},
             {"fixed": "d69bfad3fa3daf5e72331f6870667607828d5891"}
           ]
        }
      ],
      "versions": [
        "8.20.0", "8.19.0", "8.18.0", "8.17.0"
      ]
    }
  ],
  "credits": [
    {
      "name": "Filipe Casal of Trail of Bits in collaboration with OpenAI",
      "type": "FINDER"
    },
    {
      "name": "Stefan Eissing",
      "type": "REMEDIATION_DEVELOPER"
    }
  ],
  "details": "libcurl keeps previously used connections in a connection pool for subsequent\ntransfers to reuse if one of them matches the setup.\n\nAn easy handle that first uses default native CA trust can continue trusting\nthe native platform store after the application switches that same handle to\ncustom CA material for a later transfer."
}