CVE-2025-9086 | cURL up to 8.15.0 Cookie Path out-of-bounds (f24dc09d209a2f91ca38d)

Inserito da Angelo Barbosa | Set 11, 2025 | CVE

A vulnerability marked as critical has been reported in cURL up to 8.15.0. This impacts an unknown function of the component Cookie Path Handler. Performing manipulation results in out-of-bounds read.

This vulnerability is reported as CVE-2025-9086. The attack is possible to be carried out remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2025-9086 | cURL up to 8.15.0 Cookie Path out-of-bounds (f24dc09d209a2f91ca38d)

Post correlati

CVE-2024-26663 | Linux Kernel up to 6.7.4 tipc_udp_nl_bearer_add media_ptr Privilege Escalation

CVE-2024-6915 | JFrog Artifactory up to 7.90.5 Cache input validation

CVE-2024-6184 | Ruijie RG-UAC 1.0 reboot_commit.php servicename os command injection

CVE-2024-41317 | TOTOLINK A6000R 1.0.1-B20201211.2000 apcli_do_enr_pbc_wps ifname command injection