CVE-2026-7009

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...

EEF-CVE-2026-42791 OCSP responder certificate validity period not checked in public_key

Summary Improper Certificate Validation vulnerability in Erlang OTP publickey pubkeyocsp module allows forged OCSP responses signed with an expired responder certificate to be accepted as valid. OCSP response verification in pubkeyocsp:verifyresponse/5 and pubkeyocsp:isauthorizedresponder/3 in...

CVE-2026-7009

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2025-987459)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987459 advisory. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might...

Linux Distros Unpatched Vulnerability : CVE-2024-8096

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it...

openssl: OCSP Status Request extension unbounded memory growth

A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it...