{"id":"USN-8525-1","summary":"curl vulnerabilities","details":"Harry Sintonen discovered that curl incorrectly handled credentials when\nfollowing HTTP redirects in conjunction with .netrc files. An attacker\ncould possibly use this issue to obtain sensitive information. This issue\nonly affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS.\n(CVE-2024-11053)\n\nHiroki Kurosawa discovered that curl incorrectly handled OCSP stapling\nresponses. A remote attacker could possibly use this issue to obtain\nsensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu\n18.04 LTS. (CVE-2024-8096)\n\nJoshua Rogers discovered that curl had a use-after-free vulnerability when\nresetting and cleaning up HTTP/2 stream handles. An attacker could possibly\nuse this issue to cause a denial of service or execute arbitrary code. This\nissue only affected Ubuntu 24.04 LTS, Ubuntu 25.04, and Ubuntu 25.10.\n(CVE-2026-10536)\n\nQuac Tran and Ngoc Hieu discovered that curl incorrectly reused connections\nwhen switching authentication methods to the same host. An attacker could\npossibly use this issue to obtain sensitive information or perform\nunauthorized actions. This issue only affected Ubuntu 20.04 LTS.\n(CVE-2026-5545)\n\nOsama Hamad discovered that curl incorrectly reused SMB connections when\nthe target share differed between transfers. An attacker could possibly use\nthis issue to obtain sensitive information. This issue only affected Ubuntu\n16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2026-5773)\n\nMuhamad Arga Reksapati discovered that curl incorrectly forwarded Digest\nproxy authentication credentials to a different proxy host. An attacker\ncould possibly use this issue to obtain sensitive information. This issue\nonly affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2026-7168)\n\nIt was discovered that curl incorrectly skipped SSH host verification\noptions when using schemeless URLs with --proto-default. An attacker could\npossibly use this issue to perform machine-in-the-middle attacks. This\nissue only affected Ubuntu 25.04 and Ubuntu 25.10. (CVE-2026-12064)\n\nIt was discovered that curl did not enforce an upper bound on memory\nallocated for unacknowledged WebSocket PING frames. A remote attacker could\npossibly use this issue to cause a denial of service. This issue only\naffected Ubuntu 25.10. (CVE-2026-11586)\n\nIt was discovered that curl could stall indefinitely when a malicious\nHTTP/3 server sent a continuous stream of empty UDP datagrams. A remote\nattacker could possibly use this issue to cause a denial of service. This\nissue only affected Ubuntu 25.10. (CVE-2026-11352)\n\nIt was discovered that curl could incorrectly continue trusting a native\nplatform CA store after an application switched the handle to use custom CA\nmaterial. An attacker could possibly use this issue to obtain sensitive\ninformation. This issue only affected Ubuntu 25.10. (CVE-2026-11564)","modified":"2026-07-11T00:29:23.105543967Z","published":"2026-07-09T19:14:44Z","related":["UBUNTU-CVE-2024-11053","UBUNTU-CVE-2024-8096","UBUNTU-CVE-2026-10536","UBUNTU-CVE-2026-11352","UBUNTU-CVE-2026-11564","UBUNTU-CVE-2026-11586","UBUNTU-CVE-2026-12064","UBUNTU-CVE-2026-5545","UBUNTU-CVE-2026-5773","UBUNTU-CVE-2026-7168"],"upstream":["UBUNTU-CVE-2024-8096","UBUNTU-CVE-2024-11053","UBUNTU-CVE-2026-5545","UBUNTU-CVE-2026-5773","UBUNTU-CVE-2026-7168","UBUNTU-CVE-2026-10536","UBUNTU-CVE-2026-11352","UBUNTU-CVE-2026-11564","UBUNTU-CVE-2026-11586","UBUNTU-CVE-2026-12064"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-8525-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-8096"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-11053"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-5545"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-5773"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-7168"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-10536"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-11352"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-11564"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-11586"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2026-12064"}],"affected":[{"package":{"name":"curl","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/curl?arch=source&distro=esm-infra-legacy%2Ftrusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.35.0-1ubuntu2.20+esm21"}]}],"versions":["7.32.0-1ubuntu1","7.33.0-1ubuntu1","7.34.0-1ubuntu1","7.35.0-1ubuntu1","7.35.0-1ubuntu2","7.35.0-1ubuntu2.1","7.35.0-1ubuntu2.2","7.35.0-1ubuntu2.3","7.35.0-1ubuntu2.5","7.35.0-1ubuntu2.6","7.35.0-1ubuntu2.7","7.35.0-1ubuntu2.8","7.35.0-1ubuntu2.9","7.35.0-1ubuntu2.10","7.35.0-1ubuntu2.11","7.35.0-1ubuntu2.12","7.35.0-1ubuntu2.13","7.35.0-1ubuntu2.14","7.35.0-1ubuntu2.15","7.35.0-1ubuntu2.16","7.35.0-1ubuntu2.17","7.35.0-1ubuntu2.19","7.35.0-1ubuntu2.20","7.35.0-1ubuntu2.20+esm2","7.35.0-1ubuntu2.20+esm3","7.35.0-1ubuntu2.20+esm4","7.35.0-1ubuntu2.20+esm5","7.35.0-1ubuntu2.20+esm6","7.35.0-1ubuntu2.20+esm7","7.35.0-1ubuntu2.20+esm8","7.35.0-1ubuntu2.20+esm9","7.35.0-1ubuntu2.20+esm10","7.35.0-1ubuntu2.20+esm11","7.35.0-1ubuntu2.20+esm12","7.35.0-1ubuntu2.20+esm13","7.35.0-1ubuntu2.20+esm14","7.35.0-1ubuntu2.20+esm15","7.35.0-1ubuntu2.20+esm16","7.35.0-1ubuntu2.20+esm17","7.35.0-1ubuntu2.20+esm18","7.35.0-1ubuntu2.20+esm19","7.35.0-1ubuntu2.20+esm20"],"ecosystem_specific":{"binaries":[{"binary_name":"curl","binary_version":"7.35.0-1ubuntu2.20+esm21"},{"binary_version":"7.35.0-1ubuntu2.20+esm21","binary_name":"libcurl3"},{"binary_name":"libcurl3-gnutls","binary_version":"7.35.0-1ubuntu2.20+esm21"},{"binary_version":"7.35.0-1ubuntu2.20+esm21","binary_name":"libcurl3-nss"}],"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json","cves_map":{"cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2024-11053"}],"ecosystem":"Ubuntu:Pro:14.04:LTS"}}},{"package":{"name":"curl","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/curl?arch=source&distro=esm-infra-legacy%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.47.0-1ubuntu2.19+esm17"}]}],"versions":["7.43.0-1ubuntu2","7.45.0-1ubuntu1","7.46.0-1ubuntu1","7.47.0-1ubuntu1","7.47.0-1ubuntu2","7.47.0-1ubuntu2.1","7.47.0-1ubuntu2.2","7.47.0-1ubuntu2.3","7.47.0-1ubuntu2.4","7.47.0-1ubuntu2.5","7.47.0-1ubuntu2.6","7.47.0-1ubuntu2.7","7.47.0-1ubuntu2.8","7.47.0-1ubuntu2.9","7.47.0-1ubuntu2.11","7.47.0-1ubuntu2.12","7.47.0-1ubuntu2.13","7.47.0-1ubuntu2.14","7.47.0-1ubuntu2.15","7.47.0-1ubuntu2.16","7.47.0-1ubuntu2.18","7.47.0-1ubuntu2.19","7.47.0-1ubuntu2.19+esm1","7.47.0-1ubuntu2.19+esm2","7.47.0-1ubuntu2.19+esm3","7.47.0-1ubuntu2.19+esm4","7.47.0-1ubuntu2.19+esm5","7.47.0-1ubuntu2.19+esm6","7.47.0-1ubuntu2.19+esm7","7.47.0-1ubuntu2.19+esm8","7.47.0-1ubuntu2.19+esm9","7.47.0-1ubuntu2.19+esm10","7.47.0-1ubuntu2.19+esm11","7.47.0-1ubuntu2.19+esm12","7.47.0-1ubuntu2.19+esm13","7.47.0-1ubuntu2.19+esm15","7.47.0-1ubuntu2.19+esm16"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_name":"curl","binary_version":"7.47.0-1ubuntu2.19+esm17"},{"binary_version":"7.47.0-1ubuntu2.19+esm17","binary_name":"libcurl3"},{"binary_name":"libcurl3-gnutls","binary_version":"7.47.0-1ubuntu2.19+esm17"},{"binary_name":"libcurl3-nss","binary_version":"7.47.0-1ubuntu2.19+esm17"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2024-8096","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"medium"}]},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2024-11053"},{"id":"CVE-2026-5773","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:Pro:16.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json"}},{"package":{"name":"curl","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/curl?arch=source&distro=esm-infra%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.58.0-2ubuntu3.24+esm10"}]}],"versions":["7.55.1-1ubuntu2","7.55.1-1ubuntu2.1","7.57.0-1ubuntu1","7.58.0-2ubuntu1","7.58.0-2ubuntu2","7.58.0-2ubuntu3","7.58.0-2ubuntu3.1","7.58.0-2ubuntu3.2","7.58.0-2ubuntu3.3","7.58.0-2ubuntu3.5","7.58.0-2ubuntu3.6","7.58.0-2ubuntu3.7","7.58.0-2ubuntu3.8","7.58.0-2ubuntu3.9","7.58.0-2ubuntu3.10","7.58.0-2ubuntu3.12","7.58.0-2ubuntu3.13","7.58.0-2ubuntu3.14","7.58.0-2ubuntu3.15","7.58.0-2ubuntu3.16","7.58.0-2ubuntu3.17","7.58.0-2ubuntu3.18","7.58.0-2ubuntu3.19","7.58.0-2ubuntu3.20","7.58.0-2ubuntu3.21","7.58.0-2ubuntu3.22","7.58.0-2ubuntu3.23","7.58.0-2ubuntu3.24","7.58.0-2ubuntu3.24+esm1","7.58.0-2ubuntu3.24+esm2","7.58.0-2ubuntu3.24+esm3","7.58.0-2ubuntu3.24+esm4","7.58.0-2ubuntu3.24+esm5","7.58.0-2ubuntu3.24+esm7","7.58.0-2ubuntu3.24+esm8","7.58.0-2ubuntu3.24+esm9"],"ecosystem_specific":{"binaries":[{"binary_version":"7.58.0-2ubuntu3.24+esm10","binary_name":"curl"},{"binary_name":"libcurl3-gnutls","binary_version":"7.58.0-2ubuntu3.24+esm10"},{"binary_version":"7.58.0-2ubuntu3.24+esm10","binary_name":"libcurl3-nss"},{"binary_version":"7.58.0-2ubuntu3.24+esm10","binary_name":"libcurl4"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json","cves_map":{"cves":[{"id":"CVE-2024-8096","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"score":"medium","type":"Ubuntu"}]},{"id":"CVE-2024-11053","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2026-5773","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-7168","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"score":"medium","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:Pro:18.04:LTS"}}},{"package":{"name":"curl","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/curl?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.68.0-1ubuntu2.25+esm5"}]}],"versions":["7.65.3-1ubuntu3","7.65.3-1ubuntu4","7.66.0-1ubuntu1","7.67.0-2ubuntu1","7.68.0-1ubuntu1","7.68.0-1ubuntu2","7.68.0-1ubuntu2.1","7.68.0-1ubuntu2.2","7.68.0-1ubuntu2.4","7.68.0-1ubuntu2.5","7.68.0-1ubuntu2.6","7.68.0-1ubuntu2.7","7.68.0-1ubuntu2.10","7.68.0-1ubuntu2.11","7.68.0-1ubuntu2.12","7.68.0-1ubuntu2.13","7.68.0-1ubuntu2.14","7.68.0-1ubuntu2.15","7.68.0-1ubuntu2.16","7.68.0-1ubuntu2.18","7.68.0-1ubuntu2.19","7.68.0-1ubuntu2.20","7.68.0-1ubuntu2.21","7.68.0-1ubuntu2.22","7.68.0-1ubuntu2.23","7.68.0-1ubuntu2.24","7.68.0-1ubuntu2.25","7.68.0-1ubuntu2.25+esm2","7.68.0-1ubuntu2.25+esm3","7.68.0-1ubuntu2.25+esm4"],"ecosystem_specific":{"binaries":[{"binary_version":"7.68.0-1ubuntu2.25+esm5","binary_name":"curl"},{"binary_name":"libcurl3-gnutls","binary_version":"7.68.0-1ubuntu2.25+esm5"},{"binary_version":"7.68.0-1ubuntu2.25+esm5","binary_name":"libcurl3-nss"},{"binary_name":"libcurl4","binary_version":"7.68.0-1ubuntu2.25+esm5"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2026-5545","severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N","type":"CVSS_V3"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N"},{"type":"Ubuntu","score":"medium"}]},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2026-5773"},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2026-7168"}],"ecosystem":"Ubuntu:Pro:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json"}},{"package":{"name":"curl","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/curl?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.5.0-2ubuntu10.11"}]}],"versions":["8.2.1-1ubuntu3","8.2.1-1ubuntu3.1","8.4.0-2ubuntu1","8.5.0-2ubuntu1","8.5.0-2ubuntu2","8.5.0-2ubuntu8","8.5.0-2ubuntu9","8.5.0-2ubuntu10","8.5.0-2ubuntu10.1","8.5.0-2ubuntu10.2","8.5.0-2ubuntu10.3","8.5.0-2ubuntu10.4","8.5.0-2ubuntu10.5","8.5.0-2ubuntu10.6","8.5.0-2ubuntu10.7","8.5.0-2ubuntu10.8","8.5.0-2ubuntu10.9","8.5.0-2ubuntu10.10"],"ecosystem_specific":{"binaries":[{"binary_name":"curl","binary_version":"8.5.0-2ubuntu10.11"},{"binary_name":"libcurl3t64-gnutls","binary_version":"8.5.0-2ubuntu10.11"},{"binary_name":"libcurl4t64","binary_version":"8.5.0-2ubuntu10.11"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:24.04:LTS","cves":[{"id":"CVE-2026-10536","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json"}},{"package":{"name":"curl","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/curl?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.14.1-2ubuntu1.5"}]}],"versions":["8.12.1-3ubuntu1","8.13.0-5ubuntu1","8.14.1-1ubuntu2","8.14.1-1ubuntu3","8.14.1-2ubuntu1","8.14.1-2ubuntu1.1","8.14.1-2ubuntu1.2","8.14.1-2ubuntu1.3","8.14.1-2ubuntu1.4"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"curl","binary_version":"8.14.1-2ubuntu1.5"},{"binary_name":"libcurl3t64-gnutls","binary_version":"8.14.1-2ubuntu1.5"},{"binary_version":"8.14.1-2ubuntu1.5","binary_name":"libcurl4t64"}]},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:25.10","cves":[{"id":"CVE-2026-10536","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2026-12064","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"score":"low","type":"Ubuntu"}]}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json"}},{"package":{"name":"curl","ecosystem":"Ubuntu:26.04:LTS","purl":"pkg:deb/ubuntu/curl?arch=source&distro=resolute"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.18.0-1ubuntu2.3"}]}],"versions":["8.14.1-2ubuntu1","8.17.0-1ubuntu1","8.18.0-1ubuntu1","8.18.0-1ubuntu2","8.18.0-1ubuntu2.1","8.18.0-1ubuntu2.2"],"ecosystem_specific":{"binaries":[{"binary_name":"curl","binary_version":"8.18.0-1ubuntu2.3"},{"binary_name":"libcurl3t64-gnutls","binary_version":"8.18.0-1ubuntu2.3"},{"binary_version":"8.18.0-1ubuntu2.3","binary_name":"libcurl4t64"}],"availability":"No subscription required"},"database_specific":{"cves_map":{"ecosystem":"Ubuntu:26.04:LTS","cves":[{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"low"}],"id":"CVE-2026-10536"},{"id":"CVE-2026-11352","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"score":"low","type":"Ubuntu"}]},{"id":"CVE-2026-11564","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N","type":"CVSS_V3"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2026-11586","severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}]},{"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2026-12064"}]},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8525-1.json"}}],"schema_version":"1.7.5"}