VDB
CVE-2025-14524
CVE-2025-14524
PUBLISHED
EPSS 0.03% · 8.2th percentile
Risk Scores
EPSS Score
0.03%
8.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Amazon | curl |
Exploit Intelligence
- CVE-2026-3783: token leak with redirect and netrc (hackerone)
- libcurl: Improper Authentication State Management on Cross-Protocol Redirects (hackerone)
- CVE-2025-14524: bearer token leak on cross-protocol redirect (hackerone)
- CVE-2026-3783: token leak with redirect and netrc (hackerone)
- libcurl: Improper Authentication State Management on Cross-Protocol Redirects (hackerone)
- CVE-2025-14524: bearer token leak on cross-protocol redirect (hackerone)
- CVE-2026-3783: token leak with redirect and netrc (hackerone)
- libcurl: Improper Authentication State Management on Cross-Protocol Redirects (hackerone)
- CVE-2025-14524: bearer token leak on cross-protocol redirect (hackerone)
- issue (cve.org)
…and 79 more exploits
Timeline
- CVE Published
- Jan 7, 2026 PoC Published
- Jan 8, 2026 EPSS Score
- Jan 11, 2026 EPSS Score
- Jan 14, 2026 EPSS Score
- Jan 17, 2026 PoC Published
- Jan 18, 2026 EPSS Score
- Jan 21, 2026 EPSS Score
- Jan 24, 2026 EPSS Score
- Jan 27, 2026 EPSS Score
- Jan 30, 2026 EPSS Score
- Feb 2, 2026 EPSS Score
References
- ALAS2-2026-3173: curl (medium) advisory