Back to search
CVE-2026-7009
Published: May 13, 2026
Modified: May 13, 2026
PUBLISHED
Description
When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine.
| Vendor | Product | Versions |
|---|---|---|
curl | curl | affected 8.19.0 - <= 8.19.0affected 8.18.0 - <= 8.18.0affected 8.17.0 - <= 8.17.0 |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now