Ubuntu: Security Advisory (USN-8093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ROOT-OS-UBUNTU-2404-CVE-2026-3731 CVE-2026-3731 in rootio-libssh - Patched by Root

Root has patched CVE-2026-3731 in the rootio-libssh package for Root:Ubuntu:24.04. Multiple fixed versions available...

USN-8093-1: libssh vulnerability

It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a client application queried extension data out of bounds, it could cause the application to crash, resulting in a denial of service, or exhibit unintended behavior...

USN-8093-1 libssh vulnerability

It was discovered that libssh incorrectly performed bounds checking when processing SFTP extensions. If a client application queried extension data out of bounds, it could cause the application to crash, resulting in a denial of service, or exhibit unintended behavior...

CLSA-2026-1773653586 curl: Fix of CVE-2025-15224

CVE-2025-15224: fix libssh public-key auth fallback to SSH agent...

EulerOS Virtualization 2.12.1 : libssh (EulerOS-SA-2026-1439)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in libssh's handling of key exchange KEX processes when a client repeatedly sends incorrect KEX guesses. The librar...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2026-1439)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2026-1496)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2026-3210

software: libssh 0.9.8 OS: ROSA-CHROME unaffected versions = libssh-0.9.8-3 affected versions libssh-0.9.8-3 CVE-ID: CVE-2025-5318 BDU-ID: 2025-09008 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the sftphandle function of the LibSSH library involves reading data outside of buffer boundaries in...

OESA-2026-1562 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2026-1561 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

OESA-2026-1558 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

CLSA-2026-1773405202 curl: Fix of CVE-2025-15224

CVE-2025-15224: fix libssh public-key auth fallback to SSH agent...

libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds

...

CLSA-2026-1773134717 curl: Fix of 2 CVEs

CVE-2025-14524: prevent bearer token leak on cross-protocol redirect - CVE-2025-15079: set both SSH knownhosts options to the same file to prevent libssh global knownhosts override...

SUSE CVE-2026-3731

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...

CVE-2026-3731

A flaw was found in libssh. A remote attacker could trigger an out-of-bounds read vulnerability in the SFTP Extension Name Handler by manipulating the idx argument in the sftpextensionsgetname or sftpextensionsgetdata functions. This could lead to a Denial of Service DoS, making the affected syst...

Linux Distros Unpatched Vulnerability : CVE-2026-3731

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c o...

EUVD-2026-10234

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...

DEBIAN-CVE-2026-3731

A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftpextensionsgetname/sftpextensionsgetdata of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may ...