Browse all 5 CVE security advisories affecting warmcat. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Warmcat is primarily known for the cURL and libcurl projects, which are widely used for data transfer in command-line tools and applications. Historically, these projects have faced multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The five CVEs associated with warmcat include critical RCE vulnerabilities in libcurl's URL parsing and handling of malformed certificates, as well as information disclosure bugs. While no major public security incidents have been documented, the widespread adoption of cURL means vulnerabilities in these tools could potentially affect numerous systems and applications across various platforms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11680 | Out-of-bounds Write in libwebsockets PNG parsing — libwebsocketsCWE-787 | 6.5 | - | 2025-10-20 |
| CVE-2025-11679 | Out-of-bounds Read in libwebsockets PNG parsing — libwebsocketsCWE-125 | 6.5 | - | 2025-10-20 |
| CVE-2025-11678 | Stack-based Buffer Overflow in libwebsockets DNS response parsing — libwebsocketCWE-121 | 9.8AI | CriticalAI | 2025-10-20 |
| CVE-2025-11677 | Use After Free in libwebsockets WebSocket server — libwebsocketsCWE-416 | 7.5 | - | 2025-10-20 |
| CVE-2025-1866 | Undefined Behavior Due to Out-of-Bounds Pointer Arithmetic in libwebsockets — libwebsocketsCWE-119 | 9.8 | - | 2025-03-03 |
This page lists every published CVE security advisory associated with warmcat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.