CVE-2026-0965
3.3 LOWA flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing
Published: 2026-03-26 · Last updated: 2026-05-19
Severity and scoring
- CVSS
- 3.3 LOW
- Vector
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- CWE
- CWE-73
Affected products
| Vendor | Product |
|---|---|
| libssh | enterprise_linux, libssh |
| redhat | enterprise_linux, libssh |
Description
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-50259 — A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
- CVE-2026-50258 — A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
- CVE-2026-50257 — A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence() (7.8 HIGH)
- CVE-2026-50256 — A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland (7.8 HIGH)
- CVE-2026-1784 — The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy (8.8 HIGH)
Same CWE
- CVE-2026-45556 — Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers (9.9 CRITICAL)
- CVE-2026-47643 — External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network (9.8 CRITICAL)
- CVE-2025-12656 — The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary directory deletion due to ins... (3.8 LOW)
- CVE-2026-46397 — HAX CMS helps manage microsite universe with PHP or NodeJs backends (6.5 MEDIUM)
- CVE-2026-46399 — HAX CMS helps manage microsite universe with PHP or NodeJs backends