{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4587", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-03-22T09:39:56.778Z", "datePublished": "2026-03-23T12:46:46.054Z", "dateUpdated": "2026-03-23T13:46:08.559Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-23T12:46:46.054Z"}, "title": "HybridAuth SSL Curl.php certificate validation", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-295", "lang": "en", "description": "Improper Certificate Validation"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "Improper Authentication"}]}], "affected": [{"vendor": "n/a", "product": "HybridAuth", "versions": [{"version": "3.12.0", "status": "affected"}, {"version": "3.12.1", "status": "affected"}, {"version": "3.12.2", "status": "affected"}], "modules": ["SSL Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.7, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R", "baseSeverity": "LOW"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:ND/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-03-22T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-03-22T01:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-03-22T10:45:06.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "jstyles (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.352423", "name": "VDB-352423 | HybridAuth SSL Curl.php certificate validation", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.352423", "name": "VDB-352423 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.775463", "name": "Submit #775463 | hybridauth >2.2.0 Improper Certificate Validation (CWE-295)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/hybridauth/hybridauth/issues/1444", "tags": ["issue-tracking"]}, {"url": "https://github.com/hybridauth/hybridauth/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-23T13:45:57.272076Z", "id": "CVE-2026-4587", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T13:46:08.559Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4587", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-23T13:45:57.272076Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-23T13:46:04.458Z"}}], "cna": {"title": "HybridAuth SSL Curl.php certificate validation", "credits": [{"lang": "en", "type": "reporter", "value": "jstyles (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 3.7, "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N/E:X/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N/E:ND/RL:ND/RC:UR"}}], "affected": [{"vendor": "n/a", "modules": ["SSL Handler"], "product": "HybridAuth", "versions": [{"status": "affected", "version": "3.12.0"}, {"status": "affected", "version": "3.12.1"}, {"status": "affected", "version": "3.12.2"}]}], "timeline": [{"lang": "en", "time": "2026-03-22T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-03-22T01:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-03-22T10:45:06.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.352423", "name": "VDB-352423 | HybridAuth SSL Curl.php certificate validation", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.352423", "name": "VDB-352423 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.775463", "name": "Submit #775463 | hybridauth >2.2.0 Improper Certificate Validation (CWE-295)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/hybridauth/hybridauth/issues/1444", "tags": ["issue-tracking"]}, {"url": "https://github.com/hybridauth/hybridauth/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-295", "description": "Improper Certificate Validation"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "Improper Authentication"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-03-23T12:46:46.054Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4587", "state": "PUBLISHED", "dateUpdated": "2026-03-23T13:46:08.559Z", "dateReserved": "2026-03-22T09:39:56.778Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-03-23T12:46:46.054Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in HybridAuth up to 3.12.2. This issue affects some unknown processing of the file src/HttpClient/Curl.php of the component SSL Handler. The manipulation of the argument curlOptions results in improper certificate validation. The attack can be launched remotely. This attack is characterized by high complexity. The exploitability is assessed as difficult. The project was informed of the problem early through an issue report but has not responded yet."}, {"lang": "es", "value": "Una vulnerabilidad fue encontrada en HybridAuth hasta la versi\u00f3n 3.12.2. Este problema afecta a alg\u00fan procesamiento desconocido del archivo src/HttpClient/Curl.php del componente Gestor SSL. La manipulaci\u00f3n del argumento curlOptions resulta en una validaci\u00f3n de certificado incorrecta. El ataque puede ser lanzado de forma remota. Este ataque se caracteriza por una alta complejidad. La explotabilidad se eval\u00faa como dif\u00edcil. El proyecto fue informado del problema tempranamente a trav\u00e9s de un informe de problema, pero a\u00fan no ha respondido."}], "id": "CVE-2026-4587", "lastModified": "2026-04-24T16:32:53.997", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-03-23T13:16:31.320", "references": [{"source": "cna@vuldb.com", "url": "https://github.com/hybridauth/hybridauth/"}, {"source": "cna@vuldb.com", "url": "https://github.com/hybridauth/hybridauth/issues/1444"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.352423"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.352423"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.775463"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}, {"lang": "en", "value": "CWE-295"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.12.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.12.1"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "3.12.2"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "HybridAuth", "source": "cna", "vendor": "n/a"}, "product": "hybridauth", "vendor": "hybridauth"}], "analysis": {"en": {"generated_at": "2026-03-23T14:35:59.242747+00:00", "value": {"mitigation_remediation": ["Update HybridAuth to a version newer than 3.12.2 if possible.", "If an upgrade is not feasible at the moment, review application code to limit or sanitize curlOptions and consider disabling SSL verification only for trusted environments.", "Monitor network traffic for anomalous SSL handshakes that indicate certificate validation bypass attempts."], "summary": {"action": "Immediate Patch", "impact": "Improper Certificate Validation Leading to Remote Exploitation"}, "threat_synthesis": {"affected_systems": "The vulnerability is present in the HybridAuth library, including all versions up through 3.12.2, and affects any application that relies on that code for OAuth or other authentication flows.", "description_and_impact": "HybridAuth up to version 3.12.2 has a flaw in its SSL handling component, Curl.php, that allows an attacker to circumvent certificate checks by manipulating curlOptions. This improper certificate validation (CWE\u2011295) could let an attacker perform man\u2011in\u2011the\u2011middle or other credential\u2011stealing attacks, exposing confidential data, while the system may accept unauthorized connections (CWE\u2011287).", "risk_and_exploitability": "The CVSS score of 6.3 indicates moderate severity. EPSS information is not available and the flaw is not listed in the CISA KEV catalog. Exploitation requires remote access, a high attack complexity, and is deemed difficult. Attackers could craft a request that overrides the curl options, forcing the library to accept untrusted certificates. Until the library is updated, this weakness remains exploitable."}}}}, "created": "2026-03-24T10:34:04.731648+00:00", "updated": "2026-03-25T14:49:08.969439+00:00", "vendors": ["hybridauth", "hybridauth$PRODUCT$hybridauth"]}