CVE-2026-28295 MEDIUM

CVE-2026-28295: Gvfs: gvfs ftp backend: information disclosure via untrusted pasv responses

Vendor Red Hat
Product Red Hat Enterprise Linux 10
Weakness CWE-918 · SSRF
Published February 26, 2026
Last update February 26, 2026

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

A flaw was found in the FTP GVfs backend. A malicious FTP server can exploit this vulnerability by providing an arbitrary IP address and port in its passive mode (PASV) response. The client unconditionally trusts this information and attempts to connect to the specified endpoint, allowing the malicious server to probe for open ports accessible from the client's network.

Key dates

02Disclosure timeline

February 26, 2026 CVE published
February 26, 2026 Record updated

Related vulnerabilities

04Related CVE