A vulnerability was found in curl libcURL up to 8.20.0. It has been rated as critical. The impacted element is the function curl_easy_pause. This manipulation causes use after free.

This vulnerability is registered as CVE-2026-9080. Remote exploitation of the attack is possible. No exploit is available.