CVE-2026-3783 — Insufficiently Protected Credentials in Curl

CWE-522 — Insufficiently Protected Credentials CWE-201 — Sensitive Info Insertion into Sent Data16 documents11 sources

Severity

5.3MEDIUMNVD

OSV3.4

EPSS

0.0%

top 95.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Haxx Curl Curl

Timeline

PublishedMar 11

Latest updateMar 26

Description

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances. If the hostname that the first request is redirected to has information in the used .netrc file, with either of the `machine` or `default` keywords, curl would pass on the bearer token set for the first host also to the second one.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages4 packages

▶NVDhaxx/curl7.33.0 — 8.19.0

▶Debianhaxx/curl< 8.19.0-1

▶Ubuntuhaxx/curl< 7.81.0-1ubuntu1.23+2

▶CVEListV5curl/curl8.18.0 — 8.18.0+107

Patches

Patch: curl.se ↗

🔴Vulnerability Details

OSV

curl vulnerabilities↗2026-03-16

▶

GHSA

GHSA-8whr-249c-vfjp: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the↗2026-03-11

▶

OSV

curl vulnerabilities↗2026-03-11

▶

OSV

CVE-2026-3783: When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the↗2026-03-11

▶

CVEList

token leak with redirect and netrc↗2026-03-11

▶

📋Vendor Advisories

Ubuntu

curl vulnerabilities↗2026-03-16

▶

Red Hat

curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect↗2026-03-11

▶

Ubuntu

curl vulnerabilities↗2026-03-11

▶

Microsoft

token leak with redirect and netrc↗2026-03-10

▶

Debian

CVE-2026-3783: curl - When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer p...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-3783 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶

💬Community

HackerOne

Bearer Token Leaked to Attacker via .netrc Despite CVE-2026-3783 Fix↗2026-03-26

▶

Bugzilla

CVE-2026-3783 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect [fedora-42]↗2026-03-11

▶

HackerOne

CVE-2026-3783: token leak with redirect and netrc↗2026-03-11

▶

Bugzilla

CVE-2026-3783 curl: curl: Information disclosure via OAuth2 bearer token leakage during HTTP(S) redirect [fedora-43]↗2026-03-11

▶