cURL Project Patches 18 Vulnerabilities Including a 25-Year-Old Bug

The cURL project fixed 18 vulnerabilities in a single update, including a 25-year-old bug that had persisted since the early 2000s. The flaws affect libcurl and involve issues such as authentication bypass, memory safety, and host validation. No specific CVE IDs beyond the placeholder CVE-2026-8932 (mentioned in metadata) were detailed in the article. The vulnerabilities were addressed by cURL maintainers, though no exact release date was provided. The update impacts the widely used open-source cURL tool, which is integral to data transfers in numerous applications. The full technical scope and affected versions were not explicitly stated.