PT-2026-40991 — Julia Curl Jll+1

PT-2026-40991 · Julia · Curl Jll+1

Published

2026-05-04

Updated

2026-05-04

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

JLSEC-2026-395

Affected Products

Curl Jll

Libcurl Jll

PT-2026-40991 · Julia · Curl Jll+1

Related Identifiers

Affected Products

References · 10