CVE-2026-9547
CVE-2026-9547 describes an SSH host-validation flaw in libcurl: when a libcurl-based application uses SCP/SFTP with CURLOPT_SSH_KEYFUNCTION, a host key type mismatch may be silently accepted, allowing a connection to succeed without warning and enabling potential man-in-the-middle attacks. The is...