HackerOne: CVE-2022-27776 Insufficiently protected credentials vulnerability might leak authentication or cookie header data. This CVE is regarding a vulnerability in the curl open source library which is used by Windows. The July 2022 Windows Security Updates includes the most recent version of this library which addresses the vulnerability and others. Please see curl security problems for information on all of the vulnerabilities that have been addressed.