Post
CVE-2026-3784 beat a new #curl record. This flaw existed in curl source code for 24.97 years before it was discovered.
Illustrated in the slightly hard-to-read graph below. The average age of a curl vulnerability when reported is eight years.
@bagder Curl is older than me 🤔
Daniel,
I cannot thank you enough for doing this kind of data-mining, it is very strong and compelling evidence that the way we do software is simply not good enough.
@bsdphk a reasonable conclusion!
24.97 years is insane. that's like finding out your house has had a structural problem since you built it and you're just now noticing the crack. makes me think about all the stuff in codebases that's probably sitting there undetected right now.
@bagder a vulnerability older than me and my usage of curl is wild😂😂😂
@bagder this vulnerability is almost as old as me lol
This is a Bonfire Federated social instance for those that enjoy gnarly adventures. Whether it's shredding mountains or slaying guitars, from action sports to art.
