fkie_nvd - fkie_cve-2025-10966

fkie_cve-2025-10966

Vulnerability from fkie_nvd

Published

2025-11-07 08:15

Modified

2025-11-07 08:15

Severity ?

Summary

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.

References

	URL	Tags
	2499f714-1537-4658-8207-48ae4bb9eae9	https://curl.se/docs/CVE-2025-10966.html
	2499f714-1537-4658-8207-48ae4bb9eae9	https://curl.se/docs/CVE-2025-10966.json
	2499f714-1537-4658-8207-48ae4bb9eae9	https://hackerone.com/reports/3355218
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/11/05/2

Impacted products

	Vendor	Product	Version

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "curl\u0027s code for managing SSH connections when SFTP was done using the wolfSSH\npowered backend was flawed and missed host verification mechanisms.\n\nThis prevents curl from detecting MITM attackers and more."
    }
  ],
  "id": "CVE-2025-10966",
  "lastModified": "2025-11-07T08:15:39.617",
  "metrics": {},
  "published": "2025-11-07T08:15:39.617",
  "references": [
    {
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
      "url": "https://curl.se/docs/CVE-2025-10966.html"
    },
    {
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
      "url": "https://curl.se/docs/CVE-2025-10966.json"
    },
    {
      "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
      "url": "https://hackerone.com/reports/3355218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2025/11/05/2"
    }
  ],
  "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
  "vulnStatus": "Received"
}

CVE-2025-10966 (GCVE-0-2025-10966)

Vulnerability from cvelistv5

Published

2025-11-07 07:26

Modified

2025-11-07 08:05

Severity ?

CWE

CWE-322 Key Exchange without Entity Authentication

Summary

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms. This prevents curl from detecting MITM attackers and more.

References

URL

Tags

	https://curl.se/docs/CVE-2025-10966.json
	https://curl.se/docs/CVE-2025-10966.html
	https://hackerone.com/reports/3355218

Impacted products

	Vendor	Product	Version
	curl	curl	Version: 8.16.0 ≤ 8.16.0 Version: 8.15.0 ≤ 8.15.0 Version: 8.14.1 ≤ 8.14.1 Version: 8.14.0 ≤ 8.14.0 Version: 8.13.0 ≤ 8.13.0 Version: 8.12.1 ≤ 8.12.1 Version: 8.12.0 ≤ 8.12.0 Version: 8.11.1 ≤ 8.11.1 Version: 8.11.0 ≤ 8.11.0 Version: 8.10.1 ≤ 8.10.1 Version: 8.10.0 ≤ 8.10.0 Version: 8.9.1 ≤ 8.9.1 Version: 8.9.0 ≤ 8.9.0 Version: 8.8.0 ≤ 8.8.0 Version: 8.7.1 ≤ 8.7.1 Version: 8.7.0 ≤ 8.7.0 Version: 8.6.0 ≤ 8.6.0 Version: 8.5.0 ≤ 8.5.0 Version: 8.4.0 ≤ 8.4.0 Version: 8.3.0 ≤ 8.3.0 Version: 8.2.1 ≤ 8.2.1 Version: 8.2.0 ≤ 8.2.0 Version: 8.1.2 ≤ 8.1.2 Version: 8.1.1 ≤ 8.1.1 Version: 8.1.0 ≤ 8.1.0 Version: 8.0.1 ≤ 8.0.1 Version: 8.0.0 ≤ 8.0.0 Version: 7.88.1 ≤ 7.88.1 Version: 7.88.0 ≤ 7.88.0 Version: 7.87.0 ≤ 7.87.0 Version: 7.86.0 ≤ 7.86.0 Version: 7.85.0 ≤ 7.85.0 Version: 7.84.0 ≤ 7.84.0 Version: 7.83.1 ≤ 7.83.1 Version: 7.83.0 ≤ 7.83.0 Version: 7.82.0 ≤ 7.82.0 Version: 7.81.0 ≤ 7.81.0 Version: 7.80.0 ≤ 7.80.0 Version: 7.79.1 ≤ 7.79.1 Version: 7.79.0 ≤ 7.79.0 Version: 7.78.0 ≤ 7.78.0 Version: 7.77.0 ≤ 7.77.0 Version: 7.76.1 ≤ 7.76.1 Version: 7.76.0 ≤ 7.76.0 Version: 7.75.0 ≤ 7.75.0 Version: 7.74.0 ≤ 7.74.0 Version: 7.73.0 ≤ 7.73.0 Version: 7.72.0 ≤ 7.72.0 Version: 7.71.1 ≤ 7.71.1 Version: 7.71.0 ≤ 7.71.0 Version: 7.70.0 ≤ 7.70.0 Version: 7.69.1 ≤ 7.69.1 Version: 7.69.0 ≤ 7.69.0

Show details on NVD website

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-07T08:05:50.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/11/05/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "curl",
          "vendor": "curl",
          "versions": [
            {
              "lessThanOrEqual": "8.16.0",
              "status": "affected",
              "version": "8.16.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.15.0",
              "status": "affected",
              "version": "8.15.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.14.1",
              "status": "affected",
              "version": "8.14.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.14.0",
              "status": "affected",
              "version": "8.14.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.13.0",
              "status": "affected",
              "version": "8.13.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.12.1",
              "status": "affected",
              "version": "8.12.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.12.0",
              "status": "affected",
              "version": "8.12.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.11.1",
              "status": "affected",
              "version": "8.11.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.11.0",
              "status": "affected",
              "version": "8.11.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.10.1",
              "status": "affected",
              "version": "8.10.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.10.0",
              "status": "affected",
              "version": "8.10.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.9.1",
              "status": "affected",
              "version": "8.9.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.9.0",
              "status": "affected",
              "version": "8.9.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.8.0",
              "status": "affected",
              "version": "8.8.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.7.1",
              "status": "affected",
              "version": "8.7.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.7.0",
              "status": "affected",
              "version": "8.7.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.6.0",
              "status": "affected",
              "version": "8.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.5.0",
              "status": "affected",
              "version": "8.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.4.0",
              "status": "affected",
              "version": "8.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.3.0",
              "status": "affected",
              "version": "8.3.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.2.1",
              "status": "affected",
              "version": "8.2.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.2.0",
              "status": "affected",
              "version": "8.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.1.2",
              "status": "affected",
              "version": "8.1.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.1.1",
              "status": "affected",
              "version": "8.1.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.1.0",
              "status": "affected",
              "version": "8.1.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.0.1",
              "status": "affected",
              "version": "8.0.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "8.0.0",
              "status": "affected",
              "version": "8.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.88.1",
              "status": "affected",
              "version": "7.88.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.88.0",
              "status": "affected",
              "version": "7.88.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.87.0",
              "status": "affected",
              "version": "7.87.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.86.0",
              "status": "affected",
              "version": "7.86.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.85.0",
              "status": "affected",
              "version": "7.85.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.84.0",
              "status": "affected",
              "version": "7.84.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.83.1",
              "status": "affected",
              "version": "7.83.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.83.0",
              "status": "affected",
              "version": "7.83.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.82.0",
              "status": "affected",
              "version": "7.82.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.81.0",
              "status": "affected",
              "version": "7.81.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.80.0",
              "status": "affected",
              "version": "7.80.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.79.1",
              "status": "affected",
              "version": "7.79.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.79.0",
              "status": "affected",
              "version": "7.79.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.78.0",
              "status": "affected",
              "version": "7.78.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.77.0",
              "status": "affected",
              "version": "7.77.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.76.1",
              "status": "affected",
              "version": "7.76.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.76.0",
              "status": "affected",
              "version": "7.76.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.75.0",
              "status": "affected",
              "version": "7.75.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.74.0",
              "status": "affected",
              "version": "7.74.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.73.0",
              "status": "affected",
              "version": "7.73.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.72.0",
              "status": "affected",
              "version": "7.72.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.71.1",
              "status": "affected",
              "version": "7.71.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.71.0",
              "status": "affected",
              "version": "7.71.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.70.0",
              "status": "affected",
              "version": "7.70.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.69.1",
              "status": "affected",
              "version": "7.69.1",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "7.69.0",
              "status": "affected",
              "version": "7.69.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Stanislav Fort (Aisle Research)"
        },
        {
          "lang": "en",
          "type": "remediation developer",
          "value": "Daniel Stenberg"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "curl\u0027s code for managing SSH connections when SFTP was done using the wolfSSH\npowered backend was flawed and missed host verification mechanisms.\n\nThis prevents curl from detecting MITM attackers and more."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-322 Key Exchange without Entity Authentication",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-07T07:26:30.351Z",
        "orgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
        "shortName": "curl"
      },
      "references": [
        {
          "name": "json",
          "url": "https://curl.se/docs/CVE-2025-10966.json"
        },
        {
          "name": "www",
          "url": "https://curl.se/docs/CVE-2025-10966.html"
        },
        {
          "name": "issue",
          "url": "https://hackerone.com/reports/3355218"
        }
      ],
      "title": "missing SFTP host verification with wolfSSH"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
    "assignerShortName": "curl",
    "cveId": "CVE-2025-10966",
    "datePublished": "2025-11-07T07:26:30.351Z",
    "dateReserved": "2025-09-25T10:15:10.502Z",
    "dateUpdated": "2025-11-07T08:05:50.150Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Log in or create an account to share your comment.

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.