CVE-2026-3783 - Vulnerability Analysis

Severity: Medium | CVSS: 5.3

Last Updated: March 12, 2026

curl - Information Disclosure

Published: March 11, 2026 | Updated: March 12, 2026 | PoC Available | Remote Exploitable

Overview

curl contains an OAuth2 bearer token leak: when a transfer that uses a bearer token is redirected, and .netrc credentials are in use, curl could pass the token along to the redirected hostname. An attacker controlling the second hostname can then read the token. Exploitation requires an HTTP(S) redirect on a transfer that uses .netrc credentials.
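The bug class described above is a client forwarding an Authorization header across a cross-host redirect. The following is an added example, not curl's code and not from the advisory, that models the same redirect decision in a tiny offline simulation: a naive redirect follower that forwards every header, beside a hardened one that keeps the bearer token only for same-origin redirects. The URLs, hostnames and token value are constructed for the example.

```python
from urllib.parse import urlsplit

# Constructed sample data (not from the advisory).
ORIGIN_URL = "https://api.example.test/v1/data"
REDIRECT_TARGET = "https://collector.attacker.test/landing"
REQUEST_HEADERS = {
    "Authorization": "Bearer CONSTRUCTED-TOKEN-0000",
    "User-Agent": "example-client/1.0",
}

DEFAULT_PORTS = {"http": 80, "https": 443}


def _origin(url: str) -> tuple:
    """Return (scheme, host, effective port) so that implicit and explicit ports compare equal."""
    parts = urlsplit(url)
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(parts.scheme)
    host = (parts.hostname or "").lower()
    return (parts.scheme.lower(), host, port)


def naive_redirect_headers(origin_url: str, redirect_url: str, headers: dict) -> dict:
    """Leaky behaviour: every request header, token included, is re-sent to the new location."""
    return dict(headers)


def hardened_redirect_headers(origin_url: str, redirect_url: str, headers: dict) -> dict:
    """Safe behaviour: drop credentials unless scheme, host and port all match the origin."""
    forwarded = dict(headers)
    if _origin(origin_url) != _origin(redirect_url):
        forwarded.pop("Authorization", None)
    return forwarded


def token_reaches_host(redirect_fn, origin_url: str, redirect_url: str, headers: dict) -> bool:
    """True if the redirected request would still carry the bearer token."""
    sent = redirect_fn(origin_url, redirect_url, headers)
    return "Authorization" in sent


if __name__ == "__main__":
    for name, fn in (("naive", naive_redirect_headers), ("hardened", hardened_redirect_headers)):
        leaked = token_reaches_host(fn, ORIGIN_URL, REDIRECT_TARGET, REQUEST_HEADERS)
        print(f"{name:9s} client -> token sent to {urlsplit(REDIRECT_TARGET).hostname}: {leaked}")
```

Comparing scheme, host and effective port (rather than the raw URL string) is what makes the check robust: `https://api.example.test/` and `https://api.example.test:443/other` are the same origin and may keep the token, while any change of host, or a downgrade from https to http, drops it.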

Severity & Score

Severity: Medium
CVSS Score: 5.3
EPSS Score: 2.8% (probability of exploitation in the next 30 days)

Impact

Attackers on the redirected hostname can obtain OAuth2 bearer tokens, leading to unauthorized access to protected resources.

Mitigation

Update curl to a release that includes the fix for this token leak.

Social Media Activity(1 post)

daniel:// stenberg://
@bagder
Mar 11, 2026

CVE-2026-3783: token leak with redirect and netrc

When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer performs a redirect to a second URL, curl could leak that token to the second hostname under some circumstances.

Details

CVE ID
CVE-2026-3783
Severity
Medium
CVSS Score
5.3
Status
confirmed
EPSS
2.8%
Social Posts
1

CWE

  • CWE-522 (Insufficiently Protected Credentials)

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS Score

2.8% (probability of exploitation in the next 30 days)