Security Advisory

CVE-2025-10966

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-07 07:26:30
Last updated 2025-11-10 20:26:07
Assigner curl
State PUBLISHED

Description

curls code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.