Lucene search
K

7 matches found

OSV
OSV
added 3 days ago2 views

ALPINE-CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

7.4CVSS6AI score0.00187EPSS
Exploits0References1
CVE
CVE
added 3 days ago14 views

CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

7.4CVSS6AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added 3 days ago6 views

EUVD-2026-41495

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

6AI score0.00187EPSS
Exploits0References3
OSV
OSV
added 2026/06/24 2:0 p.m.4 views

UBUNTU-CVE-2026-9547

When a libcurl-based application performs transfers via SCP:// or SFTP:// and utilizes the CURLOPTSSHKEYFUNCTION callback, it may silently accept an untrusted server. This vulnerability occurs when a server presents a host key type that does not match the specific key type already recorded for th...

7.4CVSS5.9AI score0.00187EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51756

Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description Applications using libcurl for transfers via SCP:// or SFTP:// that utilize the CURLOPT SSH KEYFUNCTION callback may silently accept an untrusted server. This occurs when a server presents a...

5.8AI score0.00187EPSS
Exploits0References20
Hacker One
Hacker One
added 2026/05/20 7:40 p.m.7 views

curl: CVE-2026-9547: SSH improper host validation

Hi all, We've found an issue in lib/vssh/libssh.c where the libssh backend maps SSHKNOWNHOSTSOTHER to CURLKHMATCHMISSING instead of CURLKHMATCHMISMATCH. libssh documents SSHKNOWNHOSTSOTHER as "The server gave us a key of a type while we had another type recorded. It is a possible attack."...

7.4CVSS5.8AI score0.00187EPSS
Exploits0
OSV
OSV
added 2007/02/26 5:28 p.m.3 views

DEBIAN-CVE-2007-1099

dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks...

7.5CVSS6.6AI score0.02103EPSS
Exploits0References1
Rows per page
Query Builder