Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedHat Linux
RedHat Linuxadded 2026/05/19 1:16 p.m.9 views

libssh: libssh: Denial of Service due to malformed SFTP message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6.3AI score0.00442EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/05/19 9:10 a.m.5 views

libssh: libssh: Denial of Service due to malformed SFTP message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6.3AI score0.00442EPSS
Exploits0References5
AstraLinux
AstraLinuxadded 2026/05/03 11:59 p.m.11 views

Astra Linux - уязвимость в libssh

A flaw was discovered in libssh, where a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed ‘longname’ field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond the allocated memory on the heap. Thi...

3.1CVSS6.4AI score0.00442EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/03/26 8:6 p.m.2 views

CVE-2026-0968 Libssh: libssh: denial of service due to malformed sftp message

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6.4AI score0.00442EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/03/26 8:6 p.m.1 views

CVE-2026-0968

A flaw was found in libssh in which a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed 'longname' field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can...

3.1CVSS6AI score0.00442EPSS
Exploits0References6
CVE
CVEadded 2026/03/26 8:6 p.m.31 views

CVE-2026-0968

CVE-2026-0968 : A flaw in libssh allows a malicious SFTP server to cause an out-of-bounds read by sending a malformed ‘longname’ in SSH_FXP_NAME during directory listings. This null-check omission can read past allocated heap memory, potentially triggering DoS via application crashes. The issue i...

3.1CVSS5.8AI score0.00442EPSS
Exploits0References5Affected Software2
Snyk
Snykadded 2026/02/10 6:46 p.m.1 views

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference in the sftpparselongname function. An attacker can cause a crash by sending SFTP messages with malformed longname field. Remediation Upgrade libssh to version 0.11.4 or higher. References - Libssh Security...

3.7CVSS6.4AI score0.00442EPSS
Exploits0References2
Rows per page
Query Builder