Awarded 505 USD

CVE-2025-10966

missing SFTP host verification with wolfSSH

Project curl Security Advisory, November 5, 2025

VULNERABILITY

curl's code for managing SSH connections when SFTP was done with the wolfSSH-powered backend was flawed: it lacked host verification mechanisms entirely.

This prevents curl from detecting MITM attackers and more.

INFO

curl contains support for several different SSH backends, of which wolfSSH is the newest and the one that seems to almost never be used, partly because of its incomplete state. When building curl, a single SSH backend is selected at build time.

The wolfSSH backend never supported SCP, only SFTP.

As the wolfSSH backend was documented to be incomplete and to fail tests, we don't expect many users to use this code in production.

The missing known-hosts support and host key verification for wolfSSH were omissions from the time this code was added, as we expected and hoped it would grow and get improved over time. As we never got bug reports or comments on the code (which implies that nobody uses it), nothing ever prompted anyone to continue the improvements and complete the implementation.

We have since introduced the concept of experimental features, and had we made this attempt today, this code would probably never have left the experimental state.

We have now completely removed support for wolfSSH.

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2025-10966 to this issue.

CWE-322: Key Exchange without Entity Authentication

Severity: Low

AFFECTED VERSIONS

libcurl is used by many applications, but not always advertised as such!

This bug is not considered a C mistake. It is not likely to have been avoided had we not been using C.

This flaw also affects the curl command line tool.

SOLUTION

Starting in curl 8.17.0, this mistake is fixed. Support for wolfSSH is dropped.

RECOMMENDATIONS

A - Upgrade curl to version 8.17.0

B - Build curl with another SSH backend

C - Avoid using sftp://
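Recommendation B assumes you know which SSH backend your curl build was compiled with. The first line of `curl -V` lists the backend as a version token (`libssh2/...`, `libssh/...` or `wolfssh/...`, the spellings curl's version output uses; treated here as an assumption about that format). The following POSIX shell script is an added example, not curl project code: it classifies a `curl -V` first line, flags a wolfSSH build as one whose sftp:// host verification cannot be relied on, and checks the curl installed on the local machine if one is present. The sample version lines are constructed, with made-up version numbers.

```shell
#!/bin/sh
# Added example (not from the curl project): classify the SSH backend of a
# curl build from the first line of `curl -V`, and flag wolfSSH builds.

# Print the SSH backend named in a `curl -V` first line ($1):
# one of libssh2, libssh, wolfssh, or none.
# Token spellings (libssh2/, libssh/, wolfssh/) are assumed from curl's
# version output format.
ssh_backend() {
  for tok in $1; do
    case "$tok" in
      libssh2/*) echo libssh2; return 0 ;;
      libssh/*)  echo libssh;  return 0 ;;
      wolfssh/*) echo wolfssh; return 0 ;;
    esac
  done
  echo none
}

# Return 0 if this build has a backend that can verify SFTP host keys,
# 1 otherwise. wolfSSH performed no host verification (CVE-2025-10966);
# a build with no SSH backend cannot speak sftp:// at all.
sftp_host_verification_ok() {
  case "$(ssh_backend "$1")" in
    libssh2|libssh) return 0 ;;
    *) return 1 ;;
  esac
}

# Constructed sample lines in the shape `curl -V` prints (versions made up).
SAMPLE_LIBSSH2='curl 8.16.0 (x86_64-pc-linux-gnu) libcurl/8.16.0 OpenSSL/3.0.13 zlib/1.3 libssh2/1.11.0 nghttp2/1.59.0'
SAMPLE_WOLFSSH='curl 8.16.0 (x86_64-pc-linux-gnu) libcurl/8.16.0 wolfSSL/5.7.0 zlib/1.3 wolfssh/1.4.17'
SAMPLE_NOSSH='curl 8.16.0 (x86_64-pc-linux-gnu) libcurl/8.16.0 OpenSSL/3.0.13 zlib/1.3'

# Check the curl actually installed on this machine, if any.
if command -v curl >/dev/null 2>&1; then
  line=$(curl -V | head -n 1)
  backend=$(ssh_backend "$line")
  if sftp_host_verification_ok "$line"; then
    echo "installed curl: SSH backend $backend, host key verification available"
  else
    echo "installed curl: SSH backend $backend; do not rely on sftp:// host verification"
  fi
fi
```

Note that libssh2 and libssh only verify host keys when the known-hosts file is actually consulted; the curl tool does this by default, but an application linking libcurl has to enable it itself. The script therefore reports verification as available, not as enforced.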

TIMELINE

This issue was reported to the curl project on September 23, 2025. We contacted distros@openwall on October 29, 2025.

curl 8.17.0 was released on November 5, 2025 around 07:00 UTC, coordinated with the publication of this advisory.

The curl security team is not aware of any active exploits using this vulnerability.

CREDITS

Thanks a lot!