CVE-2026-9080
CVE-2026-9080 is a use-after-free in libcurl triggered when curl_easy_pause() is called from the event-based CURLMOPT_SOCKETFUNCTION callback. The underlying issue is a freed mev_sh_entry pointer being used to update tracing fields, potentially allowing DoS or code execution paths. Affected softw...