HackerOne Disclosed Reports - 2026-04-28


Low
resolved

CVE-2026-4873: connection reuse ignores TLS requirement


Bug reported by Arkadi Vainbrand was disclosed on April 29, 2026, 6:47 am | Cleartext Transmission of Sensitive Information

A vulnerability was discovered in libcurl's connection reuse for cleartext-upgrade mail protocols. When a plaintext connection was already open and reusable, the later transfer's CURLOPT_USE_SSL option was not properly taken into account. This affected the smtp://, pop3://, and imap:// protocols. As a result, a later mail transfer that required TLS could be sent over a previously established plaintext connection, contrary to expectation.


Low
resolved

CVE-2026-5773: wrong reuse of SMB connection


Bug reported by Osama Hamad was disclosed on April 29, 2026, 6:11 am

A vulnerability was discovered in curl version 8.19.0 and earlier versions that support SMB. The vulnerability was due to the incorrect reuse of SMB connections across different shares on the same server. This led to data spoofing and access control bypass. The issue was caused by the lack of verification of the target share name when reusing an existing connection. As a result, the application could silently fetch data from an unintended share.


Medium
resolved

PS4 BD-J privilege escalation using nested JAR


Bug reported by was disclosed on April 29, 2026, 5:09 am | Privilege Escalation

A privilege escalation vulnerability using nested JAR files was discovered in Blu-ray Disc Java (BD-J) on the PS4. It was found in PS4 system software versions 13.00 to the latest version, 13.02. The cause was a discrepancy between the security policy's path canonicalization and the actual class loading path. The security policy granted AllPermission to code that appeared to be loaded from a trusted directory, while the actual code was loaded from an untrusted nested JAR on the Blu-ray disc. This resulted in a Time-of-Check/Time-of-Use (TOCTOU) vulnerability that allowed untrusted code to obtain AllPermission.
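
The two curl entries above (CVE-2026-4873 and CVE-2026-5773) share one root cause: a reuse decision that leaves out a security-relevant property of the new transfer. The following is an added example, a simplified model and not curl's own code; the struct layouts, function names and host names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Cached connection in a toy connection pool (hypothetical, not curl's struct). */
struct conn {
    const char *scheme, *host;
    int port;
    bool tls_active;      /* true once the cleartext connection was upgraded */
    const char *share;    /* SMB share this connection is bound to, else "" */
};

/* What the next transfer asks for. */
struct request {
    const char *scheme, *host;
    int port;
    bool require_tls;     /* models a transfer that demands TLS */
    const char *share;
};

static bool same_endpoint(const struct conn *c, const struct request *r) {
    return strcmp(c->scheme, r->scheme) == 0 &&
           strcmp(c->host, r->host) == 0 && c->port == r->port;
}

/* Flawed match: endpoint only, so TLS state and share name are ignored. */
bool can_reuse_flawed(const struct conn *c, const struct request *r) {
    return same_endpoint(c, r);
}

/* Hardened match: every security-relevant property takes part in the decision. */
bool can_reuse_hardened(const struct conn *c, const struct request *r) {
    if (!same_endpoint(c, r)) return false;
    if (r->require_tls && !c->tls_active) return false; /* no plaintext reuse */
    if (strcmp(c->share, r->share) != 0) return false;  /* same share only */
    return true;
}

/* Constructed sample data. */
const struct conn plain_smtp = {"smtp", "mail.example.test", 587, false, ""};
const struct conn smb_public = {"smb", "files.example.test", 445, false, "public"};
const struct request tls_mail = {"smtp", "mail.example.test", 587, true, ""};
const struct request smb_finance = {"smb", "files.example.test", 445, false, "finance"};

int main(void) {
    printf("flawed:   mail=%d smb=%d\n", can_reuse_flawed(&plain_smtp, &tls_mail), can_reuse_flawed(&smb_public, &smb_finance));
    printf("hardened: mail=%d smb=%d\n", can_reuse_hardened(&plain_smtp, &tls_mail), can_reuse_hardened(&smb_public, &smb_finance));
    return 0;
}
```
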

