daniel:// stenberg://

CVE-2026-8932 is the oldest #curl vulnerability reported so far. 25.25 years old. Shipped in releases since curl version 7.7, released on March 22 2001

Still rather benign and it probably hurt about three users, at most.

https://curl.se/docs/CVE-2026-8932.html

curl - incomplete mTLS config matching in conn reuse - CVE-2026-8932

7:20amWeb
Show threadnyanbinary (CEO of Cybercrime)14h ago
@bagder no way there is that many deployment of mTLS in total 
Show threadThomas Lee ✅ 2h ago
@bagder how big is Curl? How many lines of code??
Show threaddaniel:// stenberg://1h ago
@DoctorDNS 180K lines of code