Curl, the ubiquitous command-line tool found on millions of systems worldwide, will pause accepting vulnerability reports throughout July 2026, according to maintainer Daniel Haxx. The project will resume normal security disclosures in August. Security researchers are encouraged to submit findings before the month begins or hold them until after.

Listen to this story

Hear this and more stories in a personalized audio briefing.

Open The Chonkerton