A vulnerability was found in curl libcURL up to 8.20.0. It has been rated as critical. The impacted element is the function curl_easy_pause. This manipulation causes use after free. This vulnerability is registered as CVE-2026-9080. Remote exploitation of the attack is possible.
| Vendor | Product | Versions |
|---|---|---|
| curl | curl | 8.20.0, 8.19.0, 8.18.0, 8.17.0, 8.16.0, 8.15.0, 8.14.1, 8.14.0, 8.13.0 |
Updated severity to CRITICAL, marked as actively exploited, and provided a more detailed description of the vulnerability.
Initial creation