CVE-2026-6429 is a credential leak vulnerability where netrc credentials can be inadvertently exposed when an HTTP proxy connection is reused across requests. This occurs because authentication credentials stored in netrc files may be transmitted to unintended destinations via a reused proxy connection. If exploited, an attacker with visibility into proxy traffic could capture sensitive credentials used by Azure-connected workloads.

Security Architect’s Take: Review any Azure workloads or pipelines that use netrc files for credential storage alongside HTTP proxy configurations, and consider rotating any credentials that may have transited affected connections. Disable connection reuse on proxy clients where feasible, and audit proxy logs for unexpected credential forwarding until a patch is applied.

Original advisory: CVE-2026-6429 netrc credential leak with reused proxy connection