CVE-2026-3731

🗓️ 08 Mar 2026 10:32:19Reported by VulDBType

Libssh SFTP extension handler allows out-of-bounds read via sftp_extensions_get_name/data; upgrade to 0.11.4 or 0.12.0.

Reporter	Title	Published	Views	Family All 64
ATTACKERKB	CVE-2026-3731	8 Mar 202610:32	–	attackerkb
AlpineLinux	CVE-2026-3731	8 Mar 202610:32	–	alpinelinux
AstraLinux	Astra Linux - уязвимость в libssh	3 May 202623:59	–	astralinux
CBLMariner	CVE-2026-3731 affecting package libssh for versions less than 0.10.6-6	6 Apr 202623:43	–	cbl_mariner
Circl	CVE-2026-3731	8 Mar 202610:15	–	circl
CNNVD	libssh 缓冲区错误漏洞	8 Mar 202600:00	–	cnnvd
Cvelist	CVE-2026-3731 libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds	8 Mar 202610:32	–	cvelist
Debian CVE	CVE-2026-3731	8 Mar 202610:32	–	debiancve
EUVD	EUVD-2026-10234	8 Mar 202612:30	–	euvd
Microsoft CVE	libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds	11 Mar 202608:01	–	mscve

NVD

Vulners

Node

libssh libsshRange≤0.11.3

[
  {
    "vendor": "n/a",
    "product": "libssh",
    "versions": [
      {
        "version": "0.11.0",
        "status": "affected"
      },
      {
        "version": "0.11.1",
        "status": "affected"
      },
      {
        "version": "0.11.2",
        "status": "affected"
      },
      {
        "version": "0.11.3",
        "status": "affected"
      },
      {
        "version": "0.11.4",
        "status": "unaffected"
      },
      {
        "version": "0.12.0",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*"
    ],
    "modules": [
      "SFTP Extension Name Handler"
    ]
  }
]

Source	Link
libssh	www.libssh.org/security/advisories/libssh-2026-sftp-extensions.txt
vuldb	www.vuldb.com/
libssh	www.libssh.org/files/0.12/libssh-0.12.0.tar.xz
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
gitlab	www.gitlab.com/libssh/libssh-mirror/-/commit/855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60

12 Mar 2026 19:02Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.15.3 - 7.5

CVSS 25

CVSS 46.9

CVSS 35.3

EPSS0.00043

SSVC