session reuse

Session reuse in libcurl's Negotiate authentication is the focus of a security vulnerability tracked as CVE-2026-1965, fixed in curl version 8.19.0. The flaw allows a request to reuse a connection authenticated for a different user, leading to wrong-identity reuse and credential confusion. This affects libcurl, a widely embedded networking library. The tag covers discussions about this specific vulnerability, its disclosure, and the patch. Topics include authentication logic flaws, connection reuse risks, and security updates for Windows and other systems using libcurl.