Lucene search
K

4 matches found

Circl
Circl
added 2026/07/03 9:52 a.m.10 views

CVE-2026-9080

creationtimestamp| type| source ---|---|--- 2026-07-03 09:52:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpqblol6pi22 2026-07-03 21:37:01+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpriwslfl72k 2026-07-08 04:03:40+00:00| seen|...

7.3CVSS5.9AI score0.00494EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

libcurl 8.13.0 < 8.21.0 Use-After-Free in Socket Callback

The version of libcurl installed on the remote host is 8.13.0 prior to 8.21.0. It is, therefore, affected by a use-after-free vulnerability: - Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability. CVE-2026-9080 Note that Nessus has n...

7.3CVSS6AI score0.00494EPSS
Exploits1References2
Hacker One
Hacker One
added 2026/06/25 12:17 p.m.18 views

curl: UAF read in mev_pollset_diff() trace path after curl_easy_pause() in socket callback

Summary: The CVE-2026-9080 fix re-fetches the shentry after the socket callback inside mevshentryupdate, because curleasypause called from that callback re-enters mevassess and can free the entry. The same re-fetch was not applied at the caller, mevpollsetdiff, which dereferences its own entry...

7.3CVSS5.8AI score0.00494EPSS
Exploits1
OSV
OSV
added 2026/06/24 2:0 p.m.4 views

UBUNTU-CVE-2026-9080

Calling curleasypause within the event-based CURLMOPTSOCKETFUNCTION callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed...

7.3CVSS5.7AI score0.00494EPSS
Exploits1References4
Rows per page
Query Builder