Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-9547 |
|
Vulnerability in haxx (CVE-2026-9547)
vulnerability in haxx (CVE-2026-9547). Confidential information can be exposed externally. Exploitable via ``CURLOPT_SSH_KEYFUNCTION``.
|
| CVE-2026-8926 |
|
Vulnerability in haxx (CVE-2026-8926)
vulnerability in haxx (CVE-2026-8926). Confidential information can be exposed externally.
|
| CVE-2026-8927 |
|
Vulnerability in haxx (CVE-2026-8927)
vulnerability in haxx (CVE-2026-8927). Confidential information can be exposed externally. Exploitable via ``proxyA``.
|
| CVE-2026-8932 |
|
Vulnerability in haxx (CVE-2026-8932)
vulnerability in haxx (CVE-2026-8932). Data can be tampered with by attackers.
|
| CVE-2026-9079 |
|
Vulnerability in haxx (CVE-2026-9079)
vulnerability in haxx (CVE-2026-9079). Successful exploitation can lead to full system takeover.
|
| CVE-2026-9080 |
|
Use-After-Free in haxx (CVE-2026-9080)
vulnerability in haxx (CVE-2026-9080). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLMOPT_SOCKETFUNCTION``.
|
| CVE-2026-9545 |
|
Vulnerability in haxx (CVE-2026-9545)
vulnerability in haxx (CVE-2026-9545). Confidential information can be exposed externally. Exploitable via ``CURLOPT_SSL_SESSIONID_CACHE``.
|
| CVE-2026-9546 |
|
Vulnerability in haxx (CVE-2026-9546)
vulnerability in haxx (CVE-2026-9546). Confidential information can be exposed externally. Exploitable via ``CURLOPT_REFERER``.
|
| CVE-2026-8925 |
|
Vulnerability in haxx (CVE-2026-8925)
vulnerability in haxx (CVE-2026-8925). Successful exploitation can lead to full system takeover.
|
| CVE-2026-8924 |
|
Vulnerability in haxx (CVE-2026-8924)
vulnerability in haxx (CVE-2026-8924). Confidential information can be exposed externally.
|
| CVE-2026-8458 |
|
Vulnerability in haxx (CVE-2026-8458)
vulnerability in haxx (CVE-2026-8458). Data can be tampered with by attackers.
|
| CVE-2026-12064 |
|
Vulnerability in haxx (CVE-2026-12064)
vulnerability in haxx (CVE-2026-12064). Data can be tampered with by attackers.
|
| CVE-2026-8286 |
|
Vulnerability in haxx (CVE-2026-8286)
vulnerability in haxx (CVE-2026-8286). Confidential information can be exposed externally.
|
| CVE-2026-11564 |
|
Vulnerability in haxx (CVE-2026-11564)
vulnerability in haxx (CVE-2026-11564). Confidential information can be exposed externally.
|
| CVE-2026-11352 |
|
Vulnerability in dos (CVE-2026-11352)
vulnerability in dos (CVE-2026-11352). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-10536 |
|
Use-After-Free in haxx (CVE-2026-10536)
vulnerability in haxx (CVE-2026-10536). Successful exploitation can lead to full system takeover. Exploitable via ``CURLOPT_STREAM_DEPENDS``.
|
| CVE-2026-11586 |
|
Vulnerability in haxx (CVE-2026-11586)
vulnerability in haxx (CVE-2026-11586). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-11856 |
|
Vulnerability in haxx (CVE-2026-11856)
vulnerability in haxx (CVE-2026-11856). Successful exploitation can lead to full system takeover. Exploitable via ``hostA``.
|
| CVE-2026-6253 |
|
Vulnerability in haxx (CVE-2026-6253)
vulnerability in haxx (CVE-2026-6253). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-5545 |
|
Vulnerability in haxx (CVE-2026-5545)
vulnerability in haxx (CVE-2026-5545). Data can be tampered with by attackers.
|
| CVE-2026-5773 |
|
SSRF (Server-Side Request Forgery) in haxx (CVE-2026-5773)
SSRF in haxx (CVE-2026-5773). Confidential information can be exposed externally.
|
| CVE-2026-6276 |
|
Vulnerability in haxx (CVE-2026-6276)
vulnerability in haxx (CVE-2026-6276). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-7168 |
|
Vulnerability in haxx (CVE-2026-7168)
vulnerability in haxx (CVE-2026-7168). Risk of unauthorized operations or information disclosure. Exploitable via ``proxyA``.
|
| CVE-2026-7009 |
|
Vulnerability in haxx (CVE-2026-7009)
vulnerability in haxx (CVE-2026-7009). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-6429 |
|
Vulnerability in haxx (CVE-2026-6429)
vulnerability in haxx (CVE-2026-6429). Confidential information can be exposed externally.
|
| CVE-2026-4873 |
|
Vulnerability in haxx (CVE-2026-4873)
vulnerability in haxx (CVE-2026-4873). Confidential information can be exposed externally.
|
| CVE-2026-3784 |
|
Vulnerability in haxx (CVE-2026-3784)
vulnerability in haxx (CVE-2026-3784). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-10966 |
|
Vulnerability in haxx (CVE-2025-10966)
vulnerability in haxx (CVE-2025-10966). Risk of unauthorized operations or information disclosure.
|
| CVE-2025-9086 |
|
Out-of-Bounds Read in haxx (CVE-2025-9086)
vulnerability in haxx (CVE-2025-9086). Risk of unauthorized operations or information disclosure. Exploitable via ``secure``.
|
| CVE-2023-46219 |
|
Vulnerability in haxx (CVE-2023-46219)
vulnerability in haxx (CVE-2023-46219). Risk of unauthorized operations or information disclosure.
|
| CVE-2023-46218 |
|
Vulnerability in haxx (CVE-2023-46218)
vulnerability in haxx (CVE-2023-46218). Risk of unauthorized operations or information disclosure. Exploitable via ``curl.co.uk``.
|
| CVE-2023-38546 |
|
Vulnerability in c (CVE-2023-38546)
vulnerability in c (CVE-2023-38546). Risk of unauthorized operations or information disclosure. Exploitable via ``none``.
|
| CVE-2023-38545 |
|
Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27782 |
|
Vulnerability in haxx (CVE-2022-27782)
vulnerability in haxx (CVE-2022-27782). Data can be tampered with by attackers.
|
| CVE-2022-27781 |
|
Vulnerability in haxx (CVE-2022-27781)
vulnerability in haxx (CVE-2022-27781). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_CERTINFO``.
|
| CVE-2022-27775 |
|
Information Disclosure in haxx (CVE-2022-27775)
vulnerability in haxx (CVE-2022-27775). Confidential information can be exposed externally.
|
| CVE-2022-27774 |
|
Vulnerability in haxx (CVE-2022-27774)
vulnerability in haxx (CVE-2022-27774). Confidential information can be exposed externally.
|
| CVE-2022-22576 |
|
Authentication Bypass in haxx (CVE-2022-22576)
authentication bypass in haxx (CVE-2022-22576). Confidential information can be exposed externally.
|
| CVE-2021-22926 |
|
Vulnerability in haxx (CVE-2021-22926)
vulnerability in haxx (CVE-2021-22926). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSLCERT``.
|
| CVE-2021-22897 |
|
Vulnerability in haxx (CVE-2021-22897)
vulnerability in haxx (CVE-2021-22897). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSL_CIPHER_LIST``.
|
| CVE-2017-8818 |
|
Buffer Overflow in dos (CVE-2017-8818)
vulnerability in dos (CVE-2017-8818). Successful exploitation can lead to full system takeover. Exploitable via ``connectdata``.
|
| CVE-2017-8817 |
|
Out-of-Bounds Read in dos (CVE-2017-8817)
vulnerability in dos (CVE-2017-8817). Successful exploitation can lead to full system takeover. Exploitable via ``CURLOPT_WILDCARDMATCH``.
|
| CVE-2017-8816 |
|
Vulnerability in dos (CVE-2017-8816)
vulnerability in dos (CVE-2017-8816). Successful exploitation can lead to full system takeover. Exploitable via ``Curl_ntlm_core_mk_ntlmv2_hash``.
|
| CVE-2017-1000257 |
|
Buffer Overflow in haxx (CVE-2017-1000257)
vulnerability in haxx (CVE-2017-1000257). Confidential information can be exposed externally.
|
| CVE-2017-1000254 |
|
Buffer Overflow in haxx (CVE-2017-1000254)
vulnerability in haxx (CVE-2017-1000254). Risk of unauthorized operations or information disclosure. Exploitable via ``PWD``.
|
| CVE-2017-1000101 |
|
Buffer Overflow in haxx (CVE-2017-1000101)
vulnerability in haxx (CVE-2017-1000101). Confidential information can be exposed externally.
|
| CVE-2017-1000100 |
|
Information Disclosure in haxx (CVE-2017-1000100)
vulnerability in haxx (CVE-2017-1000100). Confidential information can be exposed externally. Exploitable via ``CURLOPT_REDIR_PROTOCOLS``.
|
| CVE-2017-1000099 |
|
Information Disclosure in haxx (CVE-2017-1000099)
vulnerability in haxx (CVE-2017-1000099). Confidential information can be exposed externally.
|
| CVE-2017-9502 |
|
Buffer Overflow in dos (CVE-2017-9502)
vulnerability in dos (CVE-2017-9502). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7407 |
|
Buffer Overflow in c (CVE-2017-7407)
vulnerability in c (CVE-2017-7407). Risk of unauthorized operations or information disclosure.
|