H1-3680680 — Vulnetix

Try Vulnetix Request Demo

H1-3680680 PUBLISHED

libcurl omits IPv6 zoneid from host identity and leaks credentials/cookies across scoped link-local realms

Timeline

Apr 19, 2026 CVE Published
Apr 19, 2026 PoC Published

References

libcurl omits IPv6 zoneid from host identity and leaks credentials/cookies across scoped link-local realms advisory

Open in Interactive Console →