diff --git a/Sources/FoundationNetworking/URLSession/libcurl/MultiHandle.swift b/Sources/FoundationNetworking/URLSession/libcurl/MultiHandle.swift
index f1b3ad6a21..86c2704cc8 100644
--- a/Sources/FoundationNetworking/URLSession/libcurl/MultiHandle.swift
+++ b/Sources/FoundationNetworking/URLSession/libcurl/MultiHandle.swift
@@ -48,6 +48,16 @@ extension URLSession {
         fileprivate var timeoutSource: _TimeoutSource? = nil
         private var reentrantInUpdateTimeoutTimer = false
         
+        // Only use serialization for OpenSSL < 1.1.0 which has race conditions during cleanup
+        private static let _needsCleanupSerialization: Bool = {
+            let version = CFURLSessionSSLVersionInfo();
+            let versionNotThreadSafe = version.major < 1 || (version.major == 1 && version.minor < 1)
+            return version.isOpenSSL && versionNotThreadSafe
+        }()
+
+        // Process-wide cleanup lock
+        private static let _cleanupLock = NSLock()
+
         init(configuration: URLSession._Configuration, workQueue: DispatchQueue) {
             queue = DispatchQueue(label: "MultiHandle.isolation", target: workQueue)
             setupCallbacks()
@@ -58,7 +68,14 @@ extension URLSession {
             easyHandles.forEach {
                 try! CFURLSessionMultiHandleRemoveHandle(rawHandle, $0.rawHandle).asError()
             }
-            try! CFURLSessionMultiHandleDeinit(rawHandle).asError()
+
+            if Self._needsCleanupSerialization {
+                Self._cleanupLock.lock()
+                try! CFURLSessionMultiHandleDeinit(rawHandle).asError()
+                Self._cleanupLock.unlock()
+            } else {
+                try! CFURLSessionMultiHandleDeinit(rawHandle).asError()
+            }
         }
     }
 }
diff --git a/Sources/_CFURLSessionInterface/CFURLSessionInterface.c b/Sources/_CFURLSessionInterface/CFURLSessionInterface.c
index 327397fe78..10c78dcfaa 100644
--- a/Sources/_CFURLSessionInterface/CFURLSessionInterface.c
+++ b/Sources/_CFURLSessionInterface/CFURLSessionInterface.c
@@ -676,6 +676,22 @@ CFURLSessionCurlVersion CFURLSessionCurlVersionInfo(void) {
     return v;
 }
 
+CFURLSessionSSLVersion CFURLSessionSSLVersionInfo(void) {
+    CFURLSessionSSLVersion version = {.major = 0, .minor = 0, .patch = 0, .isOpenSSL = false};
+    curl_version_info_data *info = curl_version_info(CURLVERSION_NOW);
+    if (info && info->ssl_version) {
+        // Parse OpenSSL version string like "OpenSSL/1.0.2k-fips" or "OpenSSL/1.1.1"
+        const char *ssl_str = info->ssl_version;
+        if (strncmp(ssl_str, "OpenSSL/", 8) == 0) {
+            version.isOpenSSL = true;
+            ssl_str += 8;  // Skip "OpenSSL/"
+            sscanf(ssl_str, "%d.%d.%d", &version.major, &version.minor, &version.patch);
+        }
+    }
+
+    return version;
+}
+
 
 int const CFURLSessionWriteFuncPause = CURL_WRITEFUNC_PAUSE;
 int const CFURLSessionReadFuncPause = CURL_READFUNC_PAUSE;
diff --git a/Sources/_CFURLSessionInterface/include/CFURLSessionInterface.h b/Sources/_CFURLSessionInterface/include/CFURLSessionInterface.h
index c6ca3766be..dff3a5e7b3 100644
--- a/Sources/_CFURLSessionInterface/include/CFURLSessionInterface.h
+++ b/Sources/_CFURLSessionInterface/include/CFURLSessionInterface.h
@@ -580,6 +580,15 @@ typedef struct CFURLSessionCurlVersion {
 } CFURLSessionCurlVersion;
 CF_EXPORT CFURLSessionCurlVersion CFURLSessionCurlVersionInfo(void);
 
+typedef struct CFURLSessionSSLVersion {
+    int major;
+    int minor;
+    int patch;
+    bool isOpenSSL;
+} CFURLSessionSSLVersion;
+
+CF_EXPORT CFURLSessionSSLVersion CFURLSessionSSLVersionInfo(void);
+
 
 CF_EXPORT int const CFURLSessionWriteFuncPause;
 CF_EXPORT int const CFURLSessionReadFuncPause;