curl
Security Risk Profile
36
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 89 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from February 21, 2005 to present
89
Total CVEs
15
Critical+High
1
Exploited
2
Unpatched
Threat Assessment
Avg CVSS
6.1
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
2
Critical/High
Risk Level
36/100
low
⚠️ 1 Active Exploits🆕 3Fresh (<7d)📈 20 in Last 30 Days
Severity Distribution
Critical
3High
12Medium
18Low
4Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
5Age Distribution
Common Weaknesses (CWE)
1
Buffer Overflow
6
2
Race Condition
4
3
Infoleak
3
4
Path Traversal
2
5
SSRF
1
Most Affected Products
1. curl libcurl166
2. curl curl128
3. haxx curl21
4. libcurl libcurl21
5. ubuntu/curl18
Recent Vulnerabilities
See more →https://seclists.org/oss-sec/2026/q2/678
unknown
Sv: Coordinated Disclosuin the LLM Age
5/24/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/675
unknown
Coordinated Disclosuin the LLM Age
5/23/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/667
unknown
Sv: Coordinated Disclosuin the LLM Age
5/22/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/541
unknown
Sv: Coordinated Disclosuin the LLM Age
5/15/2026🔧 No Patch
CVE-2026-7168
CVSS 5.3EPSS 0%medium
cross-proxy Digest auth state leak
4/29/2026
CVE-2026-6276
CVSS 7.5high
stale custom cookie host causes cookie leak
4/29/2026
CVE-2026-7009
CVSS 5.3EPSS 0%medium
OCSP stapling bypass with Apple SecTrust
4/29/2026
CVE-2026-6253
CVSS 5.9medium
proxy credentials leak over redirect-to proxy
4/29/2026
CVE-2026-6429
CVSS 5.3medium
netrc credential leak with reused proxy connection
4/29/2026
CVE-2026-5773
CVSS 7.5high
wrong reuse of SMB connection
4/29/2026
Monitor curl in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.