CVE-2026-9080
CVE-2026-9080CVE-2026-9080
Description
Calling `curl_easy_pause()` within the event-based `CURLMOPT_SOCKETFUNCTION`
callback triggers a use-after-free vulnerability, where libcurl attempts to
store a flag using a dangling struct pointer immediately after that pointer's
memory has been freed.
Scoring
| Last modified | 2026-07-03 |