{ "schema_version": "1.5.0", "id": "CURL-CVE-2025-10966", "aliases": [ "CVE-2025-10966" ], "summary": "missing SFTP host verification with wolfSSH", "modified": "2025-11-11T11:36:34.00Z", "database_specific": { "package": "curl", "affects": "both", "URL": "https://curl.se/docs/CVE-2025-10966.json", "www": "https://curl.se/docs/CVE-2025-10966.html", "issue": "https://hackerone.com/reports/3355218", "CWE": { "id": "CWE-322", "desc": "Key Exchange without Entity Authentication" }, "award": { "amount": "505", "currency": "USD" }, "last_affected": "8.16.0", "severity": "Low" }, "published": "2025-11-05T08:00:00.00Z", "affected": [ { "ranges": [ { "type": "SEMVER", "events": [ {"introduced": "7.69.0"}, {"fixed": "8.17.0"} ] }, { "type": "GIT", "repo": "https://github.com/curl/curl.git", "events": [ {"introduced": "6773c7ca65cf2183295e56603f9b86a5ce816a06"}, {"fixed": "b011e3fcfb06d6c0278595ee2ee297036fbe9793"} ] } ], "versions": [ "8.16.0", "8.15.0", "8.14.1", "8.14.0", "8.13.0", "8.12.1", "8.12.0", "8.11.1", "8.11.0", "8.10.1", "8.10.0", "8.9.1", "8.9.0", "8.8.0", "8.7.1", "8.7.0", "8.6.0", "8.5.0", "8.4.0", "8.3.0", "8.2.1", "8.2.0", "8.1.2", "8.1.1", "8.1.0", "8.0.1", "8.0.0", "7.88.1", "7.88.0", "7.87.0", "7.86.0", "7.85.0", "7.84.0", "7.83.1", "7.83.0", "7.82.0", "7.81.0", "7.80.0", "7.79.1", "7.79.0", "7.78.0", "7.77.0", "7.76.1", "7.76.0", "7.75.0", "7.74.0", "7.73.0", "7.72.0", "7.71.1", "7.71.0", "7.70.0", "7.69.1", "7.69.0" ] } ], "credits": [ { "name": "Stanislav Fort (Aisle Research)", "type": "FINDER" }, { "name": "Daniel Stenberg", "type": "REMEDIATION_DEVELOPER" } ], "details": "curl's code for managing SSH connections when SFTP was done using the wolfSSH\npowered backend was flawed and missed host verification mechanisms.\n\nThis prevents curl from detecting MITM attackers and more." }