cURL is a versatile command-line tool for transferring data over various network protocols, such as HTTP, FTP, and SMTP. Designed for reliability and flexibility, cURL is widely used in web development, automation, and API testing. Its underlying library, libcurl, provides robust data transfer capabilities and is employed by numerous applications and programming languages.

cURL

Libcurl is a client-side URL transfer library that supports various protocols, including HTTP, HTTPS, FTP, LDAP, and many more. It is written in C and provides easy-to-use APIs for programmers. The library is portable and works on numerous platforms, such as Windows, macOS, Linux, and various embedded systems.

Libcurl

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Linux openSUSE

When doing a second SMB request to the same host again, curl would wrongly use
a data pointer pointing into already freed memory.

CVE-2026-3805

Alpine

Linux Alpine

Alpine Security Tracker

Debian

Linux Debian

Debian Security Tracker

Homebrew

MinimOS

Minimus

NixOS

Red Hat

Red Hat Errata

Seal Security

Ubuntu

Linux Ubuntu

Ubuntu Security Tracker

Linux

Linux Kernel

Windows

Windows Cumulative Update

VulnCheck NVD++

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-3805	HIGH	7.5	cURL	rust-std-static-x86_64-unknown-none	No	Yes	Mar 11, 2026
CVE-2026-3784	MEDIUM	6.5	cURL	curl-minimal	No	Yes	Mar 11, 2026
CVE-2026-1965	MEDIUM	6.5	cURL	clippy	No	Yes	Mar 11, 2026
CVE-2026-3783	MEDIUM	5.3	cURL	rust-std-static-wasm32-wasip1	No	Yes	Mar 11, 2026
CVE-2025-11563	MEDIUM	4.6	cURL	libcurl4-32bit	No	Yes	Feb 25, 2026

CVE-2026-3805:
cURL vulnerability analysis and mitigation

7.5

Related cURL vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2026-3805: cURL vulnerability analysis and mitigation