CVE-2026-3805

CVE-2026-3805

Name

CVE-2026-3805

Description

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
2499f714-1537-4658-8207-48ae4bb9eae9	https://curl.se/docs/CVE-2026-3805.html
2499f714-1537-4658-8207-48ae4bb9eae9	https://curl.se/docs/CVE-2026-3805.json
2499f714-1537-4658-8207-48ae4bb9eae9	https://hackerone.com/reports/3591944
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2026/03/11/4

Type

URI

2499f714-1537-4658-8207-48ae4bb9eae9

https://curl.se/docs/CVE-2026-3805.html

2499f714-1537-4658-8207-48ae4bb9eae9

https://curl.se/docs/CVE-2026-3805.json

2499f714-1537-4658-8207-48ae4bb9eae9

https://hackerone.com/reports/3591944

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2026/03/11/4

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:haxx:curl::::::::`	curl	>= 8.13.0	< 8.19.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:*

curl

>= 8.13.0

< 8.19.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
curl	edge-main	8.19.0-r0	Achill Gilgenast <achill@achill.org>	fixed
curl	edge-main	8.18.0-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.17.0-r1	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.17.0-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.16.0-r2	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.16.0-r1	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.16.0-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.15.0-r2	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.15.0-r1	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	edge-main	8.15.0-r0	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	edge-main	8.14.1-r2	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	edge-main	8.14.1-r1	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	edge-main	8.14.1-r0	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	edge-main	8.14.0-r2	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	edge-main	8.14.0-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	8.14.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	8.13.0-r1	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	edge-main	8.13.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	3.23-main	8.17.0-r1	Achill Gilgenast <achill@achill.org>	possibly vulnerable
curl	3.22-main	8.14.1-r2	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	3.22-main	8.14.1-r1	fossdd <fossdd@pwned.life>	possibly vulnerable
curl	3.22-main	8.14.1-r0	None	possibly vulnerable
curl	3.22-main	8.14.0-r0	None	possibly vulnerable
curl	3.21-main	8.14.1-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	3.21-main	8.14.1-r0	None	possibly vulnerable
curl	3.21-main	8.14.0-r0	None	possibly vulnerable
curl	3.20-main	8.14.1-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	3.20-main	8.14.1-r0	None	possibly vulnerable
curl	3.20-main	8.14.0-r0	None	possibly vulnerable
curl	3.19-main	8.14.1-r2	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
curl	3.19-main	8.14.1-r0	None	possibly vulnerable
curl	3.19-main	8.14.0-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

curl

edge-main

8.19.0-r0

Achill Gilgenast <achill@achill.org>

fixed

curl

edge-main