VDB
ANCHORE-2026-9080
ANCHORE-2026-9080
PUBLISHED
Calling `curl_easy_pause()` within the event-based `CURLMOPT_SOCKETFUNCTION` callback triggers a use-after-free vulnerability, where libcurl attempts to store a flag using a dangling struct pointer immediately after that pointer's memory has been freed.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| curl | curl | 8.13.0 |
Timeline
- Jul 3, 2026 CVE Published
- Jul 6, 2026 CVE Updated