A vulnerability was found in cURL up to 8.19.0 . It has been classified as critical . This vulnerability affects unknown code of the component OCSP Stapling Handler . Performing a manipulation results in improper certificate validation. This vulnerability is cataloged as CVE-2026-7009 . It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is recommended.