CVE-2026-0964 — Path Traversal in Libssh

CWE-22 — Path Traversal10 documents7 sources

Severity

5.0MEDIUMNVD

OSV5.9OSV3.1

EPSS

0.0%

top 90.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libssh Debian Libssh

Timeline

PublishedMar 26

Description

A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 1.6 | Impact: 3.4

Affected Packages3 packages

▶debiandebian/libssh< libssh 0.12.0-1 (forky)

▶Debianlibssh/libssh< 0.12.0-1

▶Ubuntulibssh/libssh< 0.9.6-2ubuntu0.22.04.6+5

🔴Vulnerability Details

OSV

CVE-2026-0964: A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory↗2026-03-26

▶

GHSA

GHSA-9p3w-rm2q-9gxc: A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory↗2026-03-26

▶

OSV

libssh vulnerabilities↗2026-02-23

▶

OSV

libssh vulnerabilities↗2026-02-18

▶

📋Vendor Advisories

Ubuntu

libssh vulnerabilities↗2026-02-23

▶

Ubuntu

libssh vulnerabilities↗2026-02-18

▶

Red Hat

libssh: Improper sanitation of paths received from SCP servers↗2026-02-10

▶

Debian

CVE-2026-0964: libssh - A malicious SCP server can send unexpected paths that could make the client appl...↗2026

▶

🕵️Threat Intelligence

Wiz

CVE-2026-0964 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶