Back to CVE List

CVE-2026-8926

Vulnerability Description

When asking curl to use a `.netrc` file to find credentials and at the same
time specifying a URL with a username(without a password), like
`https://user@example.com/`, curl could wrongly get and use the password for
*another* user set in the `.netrc` file for that host if such a one exists and
there is no match for the specified user.

Vulnerability Details

Published Date
Last Modified
Source
NVD

External References

Discussion (0)

Add Comment

No comments yet. Be the first!