Vulnerability Database

320,453

Total vulnerabilities in the database

CVE-2025-14017

When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl, changing TLS options in one thread would inadvertently change them globally and therefore possibly also affect other concurrently setup transfers.

Disabling certificate verification for a specific transfer could unintentionally disable the feature for other threads as well.

Published: Jan 8, 2026
Updated: Jan 17, 2026
CVE: CVE-2025-14017
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.3
AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
haxx / curl	7.17.0	8.18.0

http://www.openwall.com/lists/oss-security/2026/01/07/3
https://curl.se/docs/CVE-2025-14017.html
https://curl.se/docs/CVE-2025-14017.json

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo