Where
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how curl compares to other vendors in security performance

View Risk Score →

oss-secSv: Coordinated Disclosuin the LLM Age

First published (updated )
https://seclists.org/oss-sec/2026/q2/678

oss-secCoordinated Disclosuin the LLM Age

First published (updated )
https://seclists.org/oss-sec/2026/q2/675

oss-secSv: Coordinated Disclosuin the LLM Age

First published (updated )
https://seclists.org/oss-sec/2026/q2/667

oss-secSv: Coordinated Disclosuin the LLM Age

First published (updated )
https://seclists.org/oss-sec/2026/q2/541

curl libcurlcross-proxy Digest auth state leak

Risk 20
Severity
5.3
EPSS
0.08%
First published (updated )
CVE-2026-7168
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

curl libcurlstale custom cookie host causes cookie leak

Risk 46
Severity
7.5
First published (updated )
CVE-2026-6276

curl curlOCSP stapling bypass with Apple SecTrust

Risk 20
Severity
5.3
EPSS
0.02%
First published (updated )
CVE-2026-7009

curl curlproxy credentials leak over redirect-to proxy

Risk 37
Severity
5.9
First published (updated )
CVE-2026-6253

curl libcurlnetrc credential leak with reused proxy connection

Risk 34
Severity
5.3
First published (updated )
CVE-2026-6429

curl libcurlwrong reuse of SMB connection

Risk 46
Severity
7.5
First published (updated )
CVE-2026-5773
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

curl libcurlwrong reuse of HTTP Negotiate connection

Risk 48
Severity
6.5
First published (updated )
CVE-2026-5545

curl curlconnection reuse ignores TLS requirement

Risk 37
Severity
5.9
First published (updated )
CVE-2026-4873

oss-sec[ADVISORY] curl: CVE-2026-7168: cross-proxy Digest auth state leak

First published (updated )
https://seclists.org/oss-sec/2026/q2/272

oss-sec[ADVISORY] curl: CVE-2026-7009: OCSP stapling bypass with Apple SecTrust

First published (updated )
https://seclists.org/oss-sec/2026/q2/270

oss-sec[ADVISORY] curl: CVE-2026-6429: netrc cdential leak with used proxy connection

First published (updated )
https://seclists.org/oss-sec/2026/q2/268
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

oss-sec[ADVISORY] curl: CVE-2026-6276: stale custom cookie host causes cookie leak

First published (updated )
https://seclists.org/oss-sec/2026/q2/271

oss-sec[ADVISORY] curl: CVE-2026-6253: proxy cdentials leak over dict-to proxy

First published (updated )
https://seclists.org/oss-sec/2026/q2/269

oss-sec[ADVISORY] curl: CVE-2026-5773: wrong use of SMB connection

First published (updated )
https://seclists.org/oss-sec/2026/q2/267

oss-sec[ADVISORY] curl: CVE-2026-5545: wrong use of HTTP Negotiate connection

First published (updated )
https://seclists.org/oss-sec/2026/q2/266

oss-sec[ADVISORY] curl: CVE-2026-4873: connection use ignos TLS quiment

First published (updated )
https://seclists.org/oss-sec/2026/q2/265
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

redhat/wcurlwcurl path traversal with percent-encoded slashes

Risk 31
Severity
4.6
First published (updated )
CVE-2025-11563

curl curlmissing SFTP host verification with wolfSSH

Risk 54
Severity
6.8
First published (updated )
CVE-2025-10966

[SECURITY ADVISORY] curl: missing SFTP host verification with wolfSSH

First published (updated )
https://seclists.org/oss-sec/2025/q4/137

[SECURITY ADVISORY] curl: CVE-2025-10148: pdictable WebSocket mask

First published (updated )
https://seclists.org/oss-sec/2025/q3/162

[SECURITY ADVISORY] curl: CVE-2025-10148: pdictable WebSocket mask

First published (updated )
https://seclists.org/oss-sec/2025/q3/163
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

curl curlpredictable WebSocket mask

Risk 49
Severity
6.5
First published (updated )
CVE-2025-10148

Apple iOSOut of bounds read for cookie path

Risk 32
Severity
7.5
EPSS
0.03%
First published (updated )
CVE-2025-9086

[SECURITY ADVISORY] curl: CVE-2025-10148: pdictable WebSocket mask

First published (updated )
https://seclists.org/oss-sec/2025/q3/161

[SECURITY ADVISORY] curl: CVE-2025-9086: Out of bounds ad for cookie path

First published (updated )
https://seclists.org/oss-sec/2025/q3/160

The RegisterCurl creator mulls nixing bug bounty awards to stop AI slop

First published (updated )
News
The Register
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203