{"vulnerability": "CVE-2026-8932", "sightings": [{"uuid": "0ceaebd6-7644-492d-8816-78c7a824faf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8932", "type": "seen", "source": "https://mastodon.social/users/bagder/statuses/116803871360199033", "content": "CVE-2026-8932 is the oldest #curl vulnerability reported so far. 25.25 years old. Shipped in releases since curl version 7.7, released on March 22 2001\nStill rather benign and it probably hurt about three users, at most.\nhttps://curl.se/docs/CVE-2026-8932.html", "creation_timestamp": "2026-06-24T07:20:39.322344Z"}, {"uuid": "af2af6d8-2e64-40da-adf0-34ee33fd4ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8932", "type": "seen", "source": "https://bsky.app/profile/bagder.mastodon.social.ap.brid.gy/post/3mozev6hlvoz2", "content": "CVE-2026-8932 is the oldest #curl vulnerability reported so far. 25.25 years old. Shipped in releases since curl version 7.7, released on March 22 2001\n\nStill rather benign and it probably hurt about three users, at most.\n\nhttps://curl.se/docs/CVE-2026-8932.html", "creation_timestamp": "2026-06-24T07:20:39.818962Z"}, {"uuid": "d456387c-ce80-45f3-a325-2fba0cdcc38b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8932", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mp44tcthzn2w", "content": "Curl and libcurl were updated with patches for 18 vulnerabilities, including CVE-2026-8932 from 2001 that can enable authentication bypass via mTLS connection reuse.\n", "creation_timestamp": "2026-06-25T09:34:25.033120Z"}, {"uuid": "65a807b1-72b2-45ba-b9f9-bea2893a9790", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-8932", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mp4chv3pvh2y", "content": "Curl patched 18 vulnerabilities, including CVE-2026-8932, a 25-year-old libcurl flaw from 2001 that could enable authentication bypass via reused connections. #curl #libcurl #CVE20268932", "creation_timestamp": "2026-06-25T11:15:23.724988Z"}]}