CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

RedhatCVE•added 2026/06/05 7:50 p.m.•5 views

CVE-2026-7009

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine...

5.3CVSS5.4AI score0.00267EPSS

Exploits1References1

NVD•added 2026/05/13 1:1 p.m.•15 views

CVE-2026-7009

5.3CVSS0.00267EPSS

Exploits1References4

OSV•added 2026/05/13 1:1 p.m.•2 views

ALPINE-CVE-2026-7009

5.3CVSS5.4AI score0.00267EPSS

Exploits1References1

CVE•added 2026/05/13 8:28 a.m.•18 views

CVE-2026-7009

CVE-2026-7009 affects curl when using OCSP stapling. Providers report that curl, on Apple systems with Apple SecTrust and when built with an OpenSSL backend, fails to detect OCSP problems and treats the stapled response as valid. The Nessus entry notes a specific vulnerable range: curl 8.17.0 bef...

5.3CVSS5.8AI score0.00267EPSS

Exploits1References4Affected Software1

OSV•added 2026/05/04 1:12 p.m.•3 views

JLSEC-2026-418 When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP...

When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and instead wrongly consider the response as fine. If the returned status reports another error tha...

6.5CVSS5.8AI score0.00745EPSS

Exploits1References9

OSV•added 2026/04/29 8:0 a.m.•7 views

CURL-CVE-2026-7009 OCSP stapling bypass with Apple SecTrust

5.3CVSS5.4AI score0.00267EPSS

Exploits1

curl security advisories•added 2026/04/29 8:0 a.m.•4 views

OCSP stapling bypass with Apple SecTrust

5.3CVSS5.2AI score0.00267EPSS

Exploits1References1Affected Software2

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2025-987459)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987459 advisory. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might...

6.5CVSS7.1AI score0.00745EPSS

Exploits1References4

Tenable Nessus•added 2024/12/12 12:0 a.m.•19 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-2964)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

6.5CVSS7.2AI score0.00745EPSS

Exploits1References2

Tenable Nessus•added 2024/12/12 12:0 a.m.•12 views

EulerOS 2.0 SP11 : curl (EulerOS-SA-2024-2978)

6.5CVSS7.2AI score0.00745EPSS

Exploits1References2

OpenVAS•added 2024/11/11 12:0 a.m.•13 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2825)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.7AI score0.16212EPSS

Exploits2References3

OpenVAS•added 2024/11/11 12:0 a.m.•13 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2882)

6.5CVSS6.7AI score0.16212EPSS

Exploits2References3

OpenVAS•added 2024/11/11 12:0 a.m.•9 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2901)

6.5CVSS6.7AI score0.16212EPSS

Exploits2References3

Tenable Nessus•added 2024/09/13 12:0 a.m.•43 views

Curl 7.41.0 < 8.10.0 Security Bypass (CVE-2024-8096)

The version of Curl installed on the remote host is between 7.41.0 prior to 8.10.0. It is, therefore, affected by a security bypass vulnerability. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

6.5CVSS7.2AI score0.00745EPSS

Exploits1References2

RedhatCVE•added 2024/09/11 11:11 a.m.•21 views

CVE-2024-8096

A vulnerability was found in Curl. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is valid, it might fail to detect some OCSP problems and incorrectly consider the response as fine instead. If the...

6.5CVSS7.1AI score0.00745EPSS

Exploits1References3

OSV•added 2024/09/11 10:15 a.m.•4 views

AZL-49041 CVE-2024-8096 affecting package cmake for versions less than 3.30.3-2

6.5CVSS6.9AI score0.00745EPSS

Exploits1References1

OSV•added 2024/09/11 10:15 a.m.•6 views

AZL-49035 CVE-2024-8096 affecting package curl for versions less than 8.8.0-3

6.5CVSS6.9AI score0.00745EPSS

Exploits1References1

OSV•added 2024/09/11 10:15 a.m.•5 views

AZL-49038 CVE-2024-8096 affecting package curl for versions less than 8.8.0-3