API Security Blog - API security-related news. More than just OWASP API Top 10. Hacking REST, GraphQL, gRPC, SOAP and others

API security news

Vulnerabilities, exploits, attacks and threats

Well-known information security vulnerabilities database

Main

Uncategorized

Bugbounty

curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

Bugbounty

curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

Bugbounty

curl: access notes without permission

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

Bugbounty

curl: Disclosure of email addresses

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

Bugbounty

curl: Use-After-Free in OpenSSL Keylog Callback via SSL_get_ex_data() in libcurl

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

Bugbounty

curl: Arbitrary File Read via file:// Protocol in cURL

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

Bugbounty

curl: Default Minimum TLS Version Set to TLS v1.0 (Cryptographic Weakness)

Vulnerability description not...Read More ...

Continue Reading

July 12, 2025

API

CVE-2025-6057

creation_timestamp| type| source ---|---|--- 2025-07-12 04:46:52+00:00| seen|...Read More ...

Continue Reading

July 12, 2025

1 2 3 … 309,368 Next »