curl: CVE-2026-8286: wrong STARTTLS connection reuse
A vulnerability was found in the Curl library that allowed a plain-text connection to reuse an existing SSL-upgraded connection without verifying the SSL configuration. This could lead to a man-in-the-middle attack if an attacker was able to intercept the initial STARTTLS upgrade. The issue was...