PT-2026-35897 · Git · Curl
Published
2026-04-29
·
Updated
2026-04-29
·
CVE-2026-7009
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
When curl is told to use the Certificate Status Request TLS extension, often
referred to as OCSP stapling, to verify that the server certificate is
valid, it fails to detect OCSP problems and instead wrongly consider the
response as fine.
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Curl