2 matches found
CVE-2026-59997
The CVE affects OpenSSH’s internal-sftp helper invoked by sshd, where the process only parses the first 9 command-line arguments. This is tied to OpenSSH before version 10.4. According to the description, this could undermine intended security properties of an SFTP connection if a later argument ...
CVE-2026-32713 PX4 Autopilot MAVLink FTP Session Validation Logic Error Allows Operations on Invalid File Descriptors
PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...