curl

Top products

The 15 most recently published vulnerabilities affecting curl.

• CVE-2026-7168cross-proxy Digest auth state leak5.3May 13, 2026
• CVE-2026-7009OCSP stapling bypass with Apple SecTrust5.3May 13, 2026
• CVE-2026-6429netrc credential leak with reused proxy connection5.3May 13, 2026
• CVE-2026-6276stale custom cookie host causes cookie leak7.5May 13, 2026
• CVE-2026-6253proxy credentials leak over redirect-to proxy5.9May 13, 2026
• CVE-2026-5773wrong reuse of SMB connection7.5May 13, 2026
• CVE-2026-5545wrong reuse of HTTP Negotiate connection6.5May 13, 2026
• CVE-2026-4873connection reuse ignores TLS requirement5.9May 13, 2026
• CVE-2026-3805use after free in SMB connection reuse7.5Mar 11, 2026
• CVE-2026-3784wrong proxy connection reuse with credentials6.5Mar 11, 2026
• CVE-2026-3783token leak with redirect and netrc5.3Mar 11, 2026
• CVE-2026-1965bad reuse of HTTP Negotiate connection6.5Mar 11, 2026
• CVE-2025-11563wcurl path traversal with percent-encoded slashes4.6Feb 25, 2026
• CVE-2025-15224libssh key passphrase bypass without agent set3.1Jan 8, 2026
• CVE-2025-15079libssh global known_hosts override5.3Jan 8, 2026