CVE-2026-11564

curl · curl

A certificate validation flaw in libcurl allows a connection handle to continue trusting the default native CA store even after being configured to use a custom CA store.

Executive summary

An improper certificate validation vulnerability in libcurl enables potential man-in-the-middle attacks by failing to enforce custom CA trust settings during connection reuse.

Vulnerability

This is an improper certificate validation issue (CWE-295) occurring when an easy handle is reused. The vulnerability permits an unauthenticated attacker to bypass custom certificate trust requirements, undermining the integrity of TLS connections.

Business impact

The failure to properly validate certificates can lead to man-in-the-middle attacks, where encrypted traffic is intercepted, decrypted, or modified by an attacker. With a CVSS score of 9.1, this flaw poses a severe threat to the confidentiality and integrity of communications in high-security environments.

Remediation

Immediate Action: Update the curl library to the latest version to ensure certificate trust settings are applied correctly upon handle reuse.

Proactive Monitoring: Monitor for certificate validation errors or anomalies in TLS handshake logs.

Compensating Controls: Use strict transport security and verify certificate pinning where possible to mitigate the risks associated with trust store misconfiguration.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Immediate remediation is required to maintain the security of TLS-encrypted traffic. Organizations should prioritize updating all instances of libcurl to the latest version to prevent potential interception of sensitive data.