CVE-2026-0964
Description
A malicious SCP server can send unexpected paths that could make theclient application override local files outside of working directory.This could be misused to create malicious executable or configurationfiles and make the user execute them under specific consequences.This is the same issue as in OpenSSH, tracked as CVE-2019-6111.
Risk Information
Base Score
5.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.0
Associated Vulnerability
No records foundPatch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234