PT-2026-51749 · Git · Curl
Published
2026-06-24
·
Updated
2026-06-24
·
CVE-2026-8926
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
When asking curl to use a
.netrc file to find credentials and at the same
time specifying a URL with a username (without a password), like
https://user@example.com/, curl could wrongly get and use the password for
another user set in the .netrc file for that host if such a one exists and
there is no match for the specified user.Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Curl