Multiple vulnerabilities have been identified in the Curl networking library, allowing attackers to compromise data confidentiality and bypass security policies. The flaws affect Curl versions 7.17.x through 8.x prior to 8.18.0. The French CERT (CERT‑FR) issued a warning on January 7, 2026, based on several official security bulletins, including CVE‑2025‑14524, CVE‑2025‑13034, CVE‑2025‑14017, CVE‑2025‑14819, CVE‑2025‑15079, and CVE‑2025‑15224. The advisory advises users to consult the vendor’s security bulletins for patch information and to apply updates promptly. Detailed references and download links for each CVE are provided in the official notice. Security teams should verify current Curl versions and apply available patches from the official Curl website or package managers as soon as possible.
Summary of content from
https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0010/
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.