MGASA-2026-0210 Updated putty packages fix security vulnerabilities

ECDSA signature verification can be made to fail an assertion. Server can provoke a double free in RSA KEX code. Telnet session data is marked with trust sigils after authenticating to a proxy. PuTTY Ed25519 Signature ecc-ssh.c eddsaverify signature verification. CVE-2026-4115...

[SECURITY] Fedora 43 Update: putty-0.84-1.fc43

Putty is a SSH, Telnet & Rlogin client - this time for Linux...

[SECURITY] Fedora 44 Update: putty-0.84-1.fc44

Putty is a SSH, Telnet & Rlogin client - this time for Linux...

Fedora 43 : putty (2026-61f53cc218)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-61f53cc218 advisory. This is an update fixing several security related problems in putty. Tenable has extracted the preceding description block directly from the Fedora...

Fedora 44 : putty (2026-1ab61e6e20)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1ab61e6e20 advisory. This is an update fixing several security related problems in putty. Tenable has extracted the preceding description block directly from the Fedora...

openSUSE 16 Security Update : putty (openSUSE-SU-2026:20851-1)

The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:20851-1 advisory. Changes in putty: - Update to release 0.84 Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash assertion...

OPENSUSE-SU-2026:20851-1 Security update for putty

This update for putty fixes the following issues: Changes in putty: - Update to release 0.84 Fixed a remotely triggerable double-free in RSA key exchange. Fixed a remotely triggerable crash assertion failure - program termination in NIST ECDSA signature verification. Fixed marking of Telnet and...

SUSE CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...

SUSE CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

SUSE CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

Linux Distros Unpatched Vulnerability : CVE-2026-48852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification. CVE-2026-48852 Note that Nessus relies on the presence of the package as report...

Linux Distros Unpatched Vulnerability : CVE-2026-48850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PuTTY 0.72 before 0.84 has a double free in RSA KEX. CVE-2026-48850 Note that Nessus relies on the presence of the package as reported by the vendor...

FreeBSD : putty -- multiple security vulnerabilities (5f7c686c-558e-11f1-b38d-9be2e6022e28)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 5f7c686c-558e-11f1-b38d-9be2e6022e28 advisory. Simon Tatham reports: These features are new in PuTTY 0.84: Tenable has extracted the preceding...

Linux Distros Unpatched Vulnerability : CVE-2026-48851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and...

CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...

CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

DEBIAN-CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

CVE-2026-48851

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session...

DEBIAN-CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

DEBIAN-CVE-2026-48850

PuTTY 0.72 before 0.84 has a double free in RSA KEX...