CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

OSV•added 2026/02/19 11:40 a.m.•3 views

CLSA-2026-1771501223 curl: Fix of CVE-2025-15079

CVE-2025-15079: fix accepting hosts not present in the specified knownhosts during SSH-based SCP/SFTP transfers when global knownhosts contained them restrict host verification to the specified knownhosts file...

5.3CVSS6.4AI score0.00457EPSS

Exploits1References1

Tenable Nessus•added 2026/01/23 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: curl (UTSA-2026-004931)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004931 advisory. When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in th...

5.3CVSS5.6AI score0.00457EPSS

Exploits1References3

RedhatCVE•added 2026/01/18 11:20 a.m.•5 views

CVE-2025-15079

When doing SSH-based transfers using either SCP or SFTP, and setting the knownhosts file, libcurl could still mistakenly accept connecting to hosts not present in the specified file if they were added as recognized in the libssh global knownhosts file...

5.3CVSS6.9AI score0.00457EPSS

Exploits1References1

NVD•added 2026/01/08 10:15 a.m.•4 views

CVE-2025-15224

When doing SSH-based transfers using either SCP or SFTP, and asked to do public key authentication, curl would wrongly still ask and authenticate using a locally running SSH agent...

3.1CVSS0.00413EPSS

Exploits1References4

OSV•added 2026/01/08 10:15 a.m.•3 views

CVE-2025-15079

5.3CVSS5.4AI score0.00457EPSS

Exploits1References4

OSV•added 2026/01/08 10:15 a.m.•5 views

ALPINE-CVE-2025-15079

5.3CVSS6.1AI score0.00457EPSS

Exploits1References1