CVE-2026-4587 | HybridAuth up to 3.12.2 SSL src/HttpClient/Curl.php curlOptions certificate validation (Issue 1444)

Inserito da Angelo Barbosa | Mar 22, 2026 | CVE

A vulnerability classified as problematic was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation.

This vulnerability is reported as CVE-2026-4587. The attack can be launched remotely. No exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-4587 | HybridAuth up to 3.12.2 SSL src/HttpClient/Curl.php curlOptions certificate validation (Issue 1444)

Post correlati

CVE-2024-48896 | Moodle information exposure

CVE-2024-37623 | Xinhu RockOA 2.6.3 tpl_kaoqin_locationchange.html cross site scripting

CVE-2025-13220 | Ultimate Member Plugin up to 2.11.0 on WordPress Shortcode cross site scripting

CVE-2024-5390 | itsourcecode Online Student Enrollment System 1.0 listofstudent.php lname sql injection