216.73.217.80

CVE-2025-10966

· Published 07/11/2025 08:15 · Modified 12/11/2025 16:20

Labels: CVE-2025-10966 2025-11-072499f714-1537-4658-8207-48ae4bb9eae9CVE-2025-10966

Essential information

Published
07/11/2025 08:15
Modified
12/11/2025 16:20
Author
Creator
CVSS
4.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
2499f714-1537-4658-8207-48ae4bb9eae9
NVD
View on NVD

References