Vulnerabilities ›

CVE-2026-7009

Medium ⚡ Exploit Available

CWE-295 — Weakness Type

                    Published: May 13, 2026                      ·  Modified: May 16, 2026                      ·  Source: NVD                

CVSS v3

5.3

🔗 NVD Official

📄 Description (English)

When curl is told to use the Certificate Status Request TLS extension, often
referred to as *OCSP stapling*, to verify that the server certificate is
valid, it fails to detect OCSP problems and instead wrongly consider the
response as fine.

🤖 AI Executive Summary

CVE-2026-7009 is a vulnerability in curl's OCSP stapling implementation that fails to properly validate certificate status responses, potentially allowing invalid certificates to be accepted. This could enable man-in-the-middle attacks or allow communication with compromised servers.

📄 Description (Arabic)

تؤثر هذه الثغرة على وظيفة OCSP stapling في curl حيث تفشل في اكتشاف المشاكل في استجابات حالة الشهادة. يمكن للمهاجمين استغلال هذا الفشل لتمرير شهادات غير صالحة أو منتهية الصلاحية دون اكتشاف.

🤖 ملخص تنفيذي (AI)

CVE-2026-7009 هي ثغرة في تطبيق curl لـ OCSP stapling تفشل في التحقق الصحيح من استجابات حالة الشهادة، مما قد يسمح بقبول شهادات غير صالحة. قد يمكن هذا من هجمات الوسيط أو السماح بالاتصال بالخوادم المخترقة.

🤖 AI Intelligence Analysis Analyzed: May 30, 2026 04:37

🇸🇦 Saudi Arabia Impact Assessment

Saudi Relevance: high

🏢 Affected Saudi Sectors

banking telecom government healthcare

🎯 MITRE ATT&CK Techniques

T1557 T1557.002

⚖️ Saudi Risk Score (AI)

7.0

/ 10.0

🔧 Remediation Steps (English)

Update curl to the latest patched version immediately. Verify OCSP stapling configuration and consider disabling it temporarily until patches are applied. Implement certificate pinning as an additional security layer and monitor for suspicious certificate validation failures in logs.

🔧 خطوات المعالجة (العربية)

قم بتحديث curl إلى أحدث إصدار مصحح على الفور. تحقق من إعدادات OCSP stapling وفكر في تعطيلها مؤقتاً حتى يتم تطبيق التصحيحات. قم بتطبيق certificate pinning كطبقة أمان إضافية ومراقبة أي فشل مريب في التحقق من الشهادات في السجلات.

📋 Regulatory Compliance Mapping

🟢 NCA ECC 2024

A.13.1.1 A.14.2.1

🔵 SAMA CSF

ID.SC-1 PR.DS-2

🟡 ISO 27001:2022

A.10.1.1 A.14.2.1

🔗 References & Sources 5

🔗

https://curl.se/docs/CVE-2026-7009.html

2499f714-1537-4658-8207-48ae4bb9eae9

Patch Vendor Advisory

🔗

https://curl.se/docs/CVE-2026-7009.json

2499f714-1537-4658-8207-48ae4bb9eae9

Product

🔗

https://hackerone.com/reports/3694390

2499f714-1537-4658-8207-48ae4bb9eae9

Exploit Issue Tracking Patch

🔗

http://www.openwall.com/lists/oss-security/2026/04/29/12

af854a3a-2127-422b-91ae-364da2661108

Mailing List Patch Third Party Advisory

🔗

https://hackerone.com/reports/3694390

134c704f-9b21-4f2e-91b3-4a467353bcc0

Exploit Issue Tracking Patch

📦 Affected Products / CPE 1 entries

haxx:curl

📊 CVSS Score

5.3

/ 10.0 — Medium

📊 CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack VectorN — None / Network

Attack ComplexityL — Low / Local

Privileges RequiredN — None / Network

User InteractionN — None / Network

ScopeU — Unchanged

ConfidentialityL — Low / Local

IntegrityN — None / Network

AvailabilityN — None / Network

📋 Quick Facts

Severity Medium

CVSS Score5.3

CWECWE-295

EPSS0.01%

Exploit ✓ Yes

Patch ✓ Yes

Published 2026-05-13

Source Feed nvd

🇸🇦 Saudi Risk Score

7.0

/ 10.0 — Saudi Risk

Priority: HIGH

🏷️ Tags

exploit-available patch-available CWE-295

🏢 Vendor Advisories

🔗 https://curl.se/docs/CVE-2026-7009.html

⚡ Actions

🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details

CVE-2026-7009

Introduce Yourself

Sign In Required