CVE-2026-3805 PUBLISHED

use after free in SMB connection reuse

Assigner: curl
Reserved: 08.03.2026 Published: 11.03.2026 Updated: 11.03.2026

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory.

Product Status

Vendor curl
Product curl
Versions Default: unaffected
  • affected from 8.18.0 to 8.18.0 (incl.)
  • affected from 8.17.0 to 8.17.0 (incl.)
  • affected from 8.16.0 to 8.16.0 (incl.)
  • affected from 8.15.0 to 8.15.0 (incl.)
  • affected from 8.14.1 to 8.14.1 (incl.)
  • affected from 8.14.0 to 8.14.0 (incl.)
  • affected from 8.13.0 to 8.13.0 (incl.)

Credits

  • Daniel Wade finder
  • Stefan Eissing remediation developer

References

Problem Types

  • CWE-416 Use After Free