CVE-2026-6253
published 2026-05-13CVE-2026-6253: curl might erroneously pass on credentials for a first proxy to a second proxy. This can happen when the following conditions are true: 1. curl is setup to use…
PriorityP432medium5.9CVSS 3.1
AVNACHPRNUINSUCNINAH
EPSS
0.52%
39.6th percentile
curl might erroneously pass on credentials for a first proxy to a second
proxy.
This can happen when the following conditions are true:
1. curl is setup to use specific different proxies for different URL schemes
2. the first proxy needs credentials
3. the second proxy uses no credentials
4. while using the first proxy (using say `http://`), curl is asked to follow
a redirect to a URL using another scheme (say `https://`), accessed using a
second, different, proxy
Affected
177 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| build-of-trustee | trustee-rhel9 | — | — |
| confidential-compute-attestation-tech-preview | trustee-rhel9 | — | — |
| confidential-containers | trustee | — | — |
| curl | curl | 7.14.1 – 7.14.1 | — |
| curl | curl | 7.15.0 – 7.15.0 | — |
| curl | curl | 7.15.1 – 7.15.1 | — |
| curl | curl | 7.15.2 – 7.15.2 | — |
| curl | curl | 7.15.3 – 7.15.3 | — |
| curl | curl | 7.15.4 – 7.15.4 | — |
| curl | curl | 7.15.5 – 7.15.5 | — |
| curl | curl | 7.16.0 – 7.16.0 | — |
| curl | curl | 7.16.1 – 7.16.1 | — |
| curl | curl | 7.16.2 – 7.16.2 | — |
| curl | curl | 7.16.3 – 7.16.3 | — |
| curl | curl | 7.16.4 – 7.16.4 | — |
| curl | curl | 7.17.0 – 7.17.0 | — |
| curl | curl | 7.17.1 – 7.17.1 | — |
| curl | curl | 7.18.0 – 7.18.0 | — |
| curl | curl | 7.18.1 – 7.18.1 | — |
| curl | curl | 7.18.2 – 7.18.2 | — |
| curl | curl | 7.19.0 – 7.19.0 | — |
| curl | curl | 7.19.1 – 7.19.1 | — |
| curl | curl | 7.19.2 – 7.19.2 | — |
| curl | curl | 7.19.3 – 7.19.3 | — |
| curl | curl | 7.19.4 – 7.19.4 | — |
CVSS provenance
nvdv3.15.9MEDIUMCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
vendor_redhat5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
curl vulnerabilities
vendor_ubuntu·2026-05-04
CVE-2026-4873 curl vulnerabilities
Title: curl vulnerabilities
Summary: curl could be made to expose sensitive information over the network.
It was discovered that curl incorrectly reused non-TLS connections when
TLS was required in some STARTTLS configurations. A remote attacker could
possibly use this issue to obtain sensitive information. (CVE-2026-4873)
It was discovered that curl incorrectly reused certain HTTP Negotiate
connections. A remote attacker could possibly use this issue to obtain
sensitive information. (CVE-2026-5545)
It was discovered that curl incorrectly reused certain SMB connections. A
remote attacker could possibly use this issue to obtain sensitive
information. (CVE-2026-5773)
It was discovered that curl could leak proxy credentials when handling
redirects in some configurations. A remote attacke
Red Hat
curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies
vendor_redhat·2026-04-29·CVSS 5.3
CVE-2026-6253 [MEDIUM] CWE-201 curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies
curl: curl: Proxy credential disclosure via redirects to unauthenticated proxies
A flaw was found in curl. When curl is configured to use distinct proxies for different URL schemes, a redirect from a URL using an authenticated proxy to one using an unauthenticated proxy can inadvertently expose the initial proxy's credentials. This improper credential management (CWE-522) may allow an attacker to gain unauthorized access or information by intercepting these disclosed credentials.
Statement: Moderate: This flaw in curl and libcurl allows proxy credentials to be inadvertently exposed to a second proxy during a redirect. This issue arises when curl is configured to use distinct proxies for different URL schemes, the initial proxy requires authentication, and a subsequent proxy does not. Red
GHSA
GHSA-6qjr-r96v-3wcx: curl might erroneously pass on credentials for a first proxy to a second
proxy
ghsa_unreviewed·2026-05-13
CVE-2026-6253 [MEDIUM] CWE-522 GHSA-6qjr-r96v-3wcx: curl might erroneously pass on credentials for a first proxy to a second
proxy
curl might erroneously pass on credentials for a first proxy to a second
proxy.
This can happen when the following conditions are true:
1. curl is setup to use specific different proxies for different URL schemes
2. the first proxy needs credentials
3. the second proxy uses no credentials
4. while using the first proxy (using say `http://`), curl is asked to follow
a redirect to a URL using another scheme (say `https://`), accessed using a
second, different, proxy
No detection rules found.
No public exploits indexed.
2026-05-13
Published