Vulnerabilities

CVE-2026-7009

by Fred · 13/05/2026

When curl is told to use the Certificate Status Request TLS extension, often
referred to as *OCSP stapling*, to verify that the server certificate is
valid, it fails to detect OCSP problems and instead wrongly consider the
response as fine.

More information : https://curl.se/docs/CVE-2026-7009.html

Similar

Tags: Cybersecurity Alert