Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

curl — Vulnerabilities & Security Advisories 63

All 63 CVE vulnerabilities found in curl, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE IDTitleCVSSSeverityPaused
CVE-2026-3805 use after free in SMB connection reuse 9.1 -2026-03-11
CVE-2026-3784 wrong proxy connection reuse with credentials 7.5 -2026-03-11
CVE-2026-3783 token leak with redirect and netrc 6.5 -2026-03-11
CVE-2026-1965 bad reuse of HTTP Negotiate connection 7.7 -2026-03-11
CVE-2025-11563 wcurl path traversal with percent-encoded slashes 9.1AICriticalAI2026-02-25
CVE-2025-15224 libssh key passphrase bypass without agent set 9.8 -2026-01-08
CVE-2025-15079 libssh global known_hosts override 7.5 -2026-01-08
CVE-2025-14819 OpenSSL partial chain store policy bypass 8.2 -2026-01-08
CVE-2025-14524 bearer token leak on cross-protocol redirect 4.3 -2026-01-08
CVE-2025-14017 broken TLS options for threaded LDAPS 4.3 -2026-01-08
CVE-2025-13034 No QUIC certificate pinning with GnuTLS 7.5 -2026-01-08
CVE-2025-10966 missing SFTP host verification with wolfSSH 7.4 -2025-11-07
CVE-2025-10148 predictable WebSocket mask 7.1 -2025-09-12
CVE-2025-9086 Out of bounds read for cookie path 8.1 -2025-09-12
CVE-2025-5399 WebSocket endless loop 7.5AIHighAI2025-06-07
CVE-2025-5025 No QUIC certificate pinning with wolfSSL 6.5AIMediumAI2025-05-28
CVE-2025-4947 QUIC certificate check skip with wolfSSL 7.4AIHighAI2025-05-28
CVE-2025-0725 gzip integer overflow 8.8 -2025-02-05
CVE-2025-0665 eventfd double close 7.1 -2025-02-05
CVE-2025-0167 netrc and default credential leak 5.9 -2025-02-05
CVE-2024-11053 netrc and redirect credential leak 6.5 -2024-12-11
CVE-2024-9681 HSTS subdomain overwrites parent cache entry 5.9AIMediumAI2024-11-06
CVE-2024-8096 OCSP stapling bypass with GnuTLS 7.5AIHighAI2024-09-11
CVE-2024-7264 ASN.1 date parser overread 9.1AICriticalAI2024-07-31
CVE-2024-6874 macidn punycode buffer overread 9.1AICriticalAI2024-07-24
CVE-2024-6197 freeing stack buffer in utf8asn1str 9.1AICriticalAI2024-07-24
CVE-2024-2466 TLS certificate check bypass with mbedTLS 5.9 -2024-03-27
CVE-2024-2379 QUIC certificate check bypass with wolfSSL 7.5 -2024-03-27
CVE-2024-2398 HTTP/2 push headers memory-leak --2024-03-27
CVE-2024-2004 Usage of disabled protocol 7.5 -2024-03-27

All 63 known CVE vulnerabilities affecting curl with full Chinese analysis, references, and POCs where available.