Home / Vulnerability Intelligence / CVE-2026-6253

CVE-2026-6253 - Vulnerability Analysis

MediumCVSS: 5.9

Last Updated: May 14, 2026

curl - Authentication Bypass

Published: May 13, 2026Updated: May 14, 2026PoC AvailableRemote Exploitable

Overview

curl contains an authentication credential leak caused by passing credentials from a first proxy to a second proxy during scheme redirects, letting attackers potentially access unauthorized proxy credentials, exploit requires use of multiple proxies with different schemes and credentials.

Severity & Score

Severity: Medium

CVSS Score: 5.9

EPSS Score: 0.0%(Probability of exploitation in next 30 days)

Impact

Attackers can obtain proxy credentials unintentionally leaked to a second proxy, risking unauthorized access.

Mitigation

Update to the latest curl version that fixes proxy credential leakage.

References

Social Media Activity(1 post)

daniel:// stenberg://

@bagder

Apr 29, 2026

Out of the eight new #curl CVEs, four of them had existed in code for over twenty years when we published. CVE-2026-5545 clocks in at 22.75 years old CVE-2026-7168 at 21.91 years CVE-2026-6429 at 20.95 years CVE-2026-6253 at 20.66 years And yet CVE-2026-5545 only becomes the 5th oldest vulnerability ever found in curl so far.

View original post

Related Resources

Details

CVE ID: CVE-2026-6253
Severity: Medium
CVSS Score: 5.9
Type: broken_authentication
Status: confirmed
EPSS: 0.0%
Social Posts: 1

CWE

CWE-522

CVSS Metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.0%Probability of exploitation in the next 30 days