Threat Intel

v0.1

← CVEs

CVE-2026-0968

CRIT 9.8
Published
2026-03-26
Last Modified
2026-04-03
Affected Apps
18
Affected Devices
48
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
A flaw was found in libssh in which a malicious SFTP (SSH File Transfer Protocol) server can exploit this by sending a malformed 'longname' field within an `SSH_FXP_NAME` message during a file listing operation. This missing null check can lead to reading beyond allocated memory on the heap. This can cause unexpected behavior or lead to a denial of service (DoS) due to application crashes.
Affected Applications in Environment 18
libssh v0.10.4-13.el9
22 devices
libssh v0.9.6-16.el8_10
3 devices
libssh v0.9.6-16.el8_10
2 devices
libssh v0.9.6-15.el8_10
1 device
libssh v0.10.4-13.el9
1 device
libssh v0.10.4-15.el9_6
1 device
libssh v0.10.4-17.el9_7
1 device
libssh v0.10.4-17.el9_7
1 device
libssh v0.9.6-10.el8_8
2 devices
libssh v0.10.4-15.el9_7
3 devices
libssh v0.10.4-17.el9_7
2 devices
libssh v0.11.1-5.el10_1
1 device
libssh v0.9.6-14.el8
2 devices
libssh v0.9.6-14.el8
1 device
ssh v1:9.2p1-2+deb12u7
1 device
ssh v1:8.4p1-5+deb11u5
2 devices
ssh v1:10.0p1-7
1 device
ssh v1:9.6p1-3ubuntu13.15
1 device
Affected Devices 48
2ua5171h8k Linux atc.db.usu.edu Linux auto-score Linux chela03 Linux chela04 Linux chela05 Linux cleanaddressdev.banner.usu.edu Linux devjobsub.banner.usu.edu Linux dpapsb-161390.aggies.usu.edu Linux dpapsb-191594.mypc.usu.edu Linux el103-02.ece.usu.edu Linux el103-03.ece.usu.edu Linux el103-04.ece.usu.edu Linux el103-05.ece.usu.edu Linux el103-07.ece.usu.edu Linux el103-08.ece.usu.edu Linux el103-09.ece.usu.edu Linux el103-10.ece.usu.edu Linux el103-14.ece.usu.edu Linux el103-15.ece.usu.edu Linux el103-16.ece.usu.edu Linux el103-17.ece.usu.edu Linux el103-18.ece.usu.edu Linux el103-19.ece.usu.edu Linux el103-20.ece.usu.edu Linux el120-01.ece.usu.edu Linux el120-02.ece.usu.edu Linux el120-03.ece.usu.edu Linux el120-04.ece.usu.edu Linux el120-05.ece.usu.edu Linux el120-06.ece.usu.edu Linux el120-08.ece.usu.edu Linux el120-09.ece.usu.edu Linux el120-10.ece.usu.edu Linux el120-11.ece.usu.edu Linux el120-12.ece.usu.edu Linux el120-14.ece.usu.edu Linux eprocdev.banner.usu.edu Linux facreadyprod.pplant.usu.edu Linux facreadytestrhel.pplant.usu.edu Linux facshibsp2.pplant.usu.edu Linux mirror3 Linux oms.db.usu.edu Linux paymentworksdev.banner.usu.edu Linux svn.usu.edu Linux sympa.ser321.usu.edu Linux thinkstation Linux zldtst.db.usu.edu Linux
References 3