Medium severity5.3NVD Advisory· Published May 13, 2026· Updated May 14, 2026
CVE-2026-7009
CVE-2026-7009
Description
When curl is told to use the Certificate Status Request TLS extension, often referred to as *OCSP stapling*, to verify that the server certificate is valid, it fails to detect OCSP problems and instead wrongly consider the response as fine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- www.openwall.com/lists/oss-security/2026/04/29/12nvdMailing ListPatchThird Party Advisory
- curl.se/docs/CVE-2026-7009.htmlnvdPatchVendor Advisory
- hackerone.com/reports/3694390nvdExploitIssue TrackingPatch
- curl.se/docs/CVE-2026-7009.jsonnvdProduct
News mentions
0No linked articles in our index yet.