CVE-2026-0965 LOW

CVE-2026-0965: Libssh: libssh: denial of service via improper configuration file handling

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-73
Published March 26, 2026
Last update May 19, 2026

CVSS base score

3.3/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

What the vulnerability does

01Description

A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.

Key dates

02Disclosure timeline

March 26, 2026 CVE published
May 19, 2026 Record updated

Related vulnerabilities

04Related CVE