Lucene search
K

275 matches found

CVE
CVE
added 2 hours ago9 views

CVE-2026-9547

CVE-2026-9547 describes an SSH host-validation flaw in libcurl: when a libcurl-based application uses SCP/SFTP with CURLOPT_SSH_KEYFUNCTION, a host key type mismatch may be silently accepted, allowing a connection to succeed without warning and enabling potential man-in-the-middle attacks. The is...

6AI score
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-41413

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-54886

Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handledata/4 function in sshsftpd contains a catch-all clause that accepts channel data of any type. When...

5.3CVSS6AI score
Exploits0References6Affected Software1
OSV
OSV
added yesterday3 views

EEF-CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop

Summary Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability in Erlang OTP ssh ssh\sftpd module allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handle\data/4 function in ssh\sftpd contains a catch-all clause that accepts channel data of any...

5.3CVSS6AI score
Exploits0References4
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-53422

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS5.8AI score
Exploits0References8Affected Software1
Cvelist
Cvelist
added yesterday19 views

CVE-2026-53422 SFTP REALPATH path-existence oracle allowing filesystem enumeration outside configured root

Observable Response Discrepancy vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSHFXPREALPATH handler in sshsftpd calls relatefilename/3 with Canonicalize=false, unlik...

2.3CVSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.14 views

Astra Linux – Vulnerability in libssh

A flaw was discovered in libssh, where a malicious SFTP SSH File Transfer Protocol server can exploit this by sending a malformed ‘longname’ field within an SSHFXPNAME message during a file listing operation. This missing null check can lead to reading beyond the allocated memory on the heap. Thi...

3.1CVSS6.6AI score0.00442EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-51756

Name of the Vulnerable Software and Affected Versions libcurl affected versions not specified Description Applications using libcurl for transfers via SCP:// or SFTP:// that utilize the CURLOPT SSH KEYFUNCTION callback may silently accept an untrusted server. This occurs when a server presents a...

5.8AI score
Exploits0References20
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.11 views

PT-2026-51744

Name of the Vulnerable Software and Affected Versions curl affected versions not specified Description A disconnect between the tool layer and libcurl occurs when a user invokes curl with a schemeless URL and the --proto-default option set to sftp or scp. The tool layer incorrectly infers the URL...

6.1AI score
Exploits0References5
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in mc

A issue was discovered in Midnight Commander through version 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user can connect to the server without being able to verify its authenticity...

7.5CVSS7.1AI score0.02216EPSS
Exploits1References2
Fedora
Fedora
added 2026/06/19 1:10 a.m.14 views

[SECURITY] Fedora 43 Update: restic-0.19.0-1.fc43

Fast, secure, efficient backup program. restic supports the following backends for storing backups natively: Local directory sftp server via SSH HTTP REST server protocol, rest-server Amazon S3 either from Amazon or using the Minio server OpenStack Swift BackBlaze B2 Microsoft Azure Blob Storage...

9.8CVSS5.3AI score0.34734EPSS
Exploits4
SUSE CVE
SUSE CVE
added 2026/06/12 2:25 a.m.9 views

SUSE CVE-2026-48855

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...

2.3CVSS5.3AI score0.00277EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.20 views

VMware Spring Integration 路径遍历漏洞

VMware Spring Integration is an enterprise application integration framework developed by VMware, Inc. Versions 7.0.0 to 7.0.4, 6.5.0 to 6.5.8, 6.4.0 to 6.4.11, 6.3.0 to 6.3.14, and 5.5.0 to 5.5.20 of VMware Spring Integration have a path traversal vulnerability. This vulnerability arises due to...

7.1CVSS5.5AI score0.0021EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.6 views

FreeBSD : Erlang/OTP -- SFTP READLINK discloses server filesystem paths (d87e41a4-64d4-11f1-ab11-4c526214c986)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the d87e41a4-64d4-11f1-ab11-4c526214c986 advisory. https://github.com/erlang/otp/security/advisories/GHSA-pv7g-pjrq-x2fh reports: The SSH SFTP daemon's...

6.5CVSS5.3AI score0.00277EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.9 views

Erlang/OTP 信息泄露漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by Node.js’s built-in APIs. Erlang/OTP versions 3.0.1 to 6.0.1, 5.5.2.1, and 5.2.11.8 have a vulnerability known as information leakage. This vulnerability stems from the SSHFXPREADLI...

6.5CVSS5.3AI score0.00277EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2026/06/10 12:0 a.m.7 views

Erlang/OTP -- SFTP READLINK discloses server filesystem paths

https://github.com/erlang/otp/security/advisories/GHSA-pv7g-pjrq-x2fh reports: The SSH SFTP daemon's handling of SSHFXPREADLINK returned symbolic link targets containing the server's absolute filesystem path, disclosing the backend root prefix to clients. The handler now strips the backend root...

6.5CVSS5.5AI score0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 8:46 a.m.36 views

CVE-2026-46747

A vulnerability has been identified in SINEC INS All versions V1.0 SP2 Update 6. The affected application does not properly sanitize path input in the GET /api/sftp/uploadFiles endpoint used for directory listing. This allows path traversal through crafted input, enabling access to unintended fil...

5.3CVSS0.00242EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 8:46 a.m.25 views

CVE-2026-46747

The CVE-2026-46747 issue affects SINEC INS (all versions

5.3CVSS5.4AI score0.00242EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/05/29 4:3 p.m.9 views

RLSA-2026:18160 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: Buffer underflow in sshgethexa on invalid input CVE-2026-0966 libssh: Improper sanitation of paths received from SCP servers CVE-2026-0964 libssh: libssh:...

6.5CVSS5.8AI score0.00582EPSS
Exploits0References6
OSV
OSV
added 2026/05/19 7:18 p.m.11 views

GHSA-2Q4C-3MRW-63C3 Kopia: RCE via SSH ProxyCommand Injection

Summary Kopia's HTTP server, when started with --without-password , accepts unauthenticated requests to /api/v1/repo/exists. The handler forwards an attacker-supplied storage configuration to blob.NewStorage. For SFTP backends with externalSSH: true, that path constructs a process command line by...

9.8CVSS6.2AI score0.00109EPSS
Exploits0References3
Rows per page
Query Builder