CVE-2025-10148 | cURL up to 8.15.0 WebSocket Mask generation of predictable numbers or identifiers (d78e129d50b2d1)

A vulnerability labeled as problematic has been found in cURL up to 8.15.0. This affects an unknown function of the component WebSocket Mask. Such manipulation leads to generation of predictable numbers or identifiers.

This vulnerability is documented as CVE-2025-10148. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More