Vulnerability Description
A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Libssh | Libssh | < 0.11.4 |
| Redhat | Hardened Images | - |
| Redhat | Openshift Container Platform | 4.0 |
| Redhat | Enterprise Linux | 8.0 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2026:18160
- https://access.redhat.com/errata/RHSA-2026:18683
- https://access.redhat.com/security/cve/CVE-2026-0964MitigationVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2436979Issue TrackingVendor Advisory
- https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/Release Notes
FAQ
What is CVE-2026-0964?
CVE-2026-0964 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or confi...
How severe is CVE-2026-0964?
CVE-2026-0964 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-0964?
Check the references section above for vendor advisories and patch information. Affected products include: Libssh Libssh, Redhat Hardened Images, Redhat Openshift Container Platform, Redhat Enterprise Linux.