GHSA-q35q-xwh9-8pgw · Severity: low — A flaw was found in libssh where it can attempt to open arbitrary files during configuration...
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.
Conclusion & alert: CVE-2026-0965 is rated Low Risk (14.1/100): CVSS Low severity, with low exploitation likelihood (EPSS 0.01%). Mandatory action: Low composite risk—no urgent action required; patch on your normal maintenance cycle and revisit priority if CVSS or EPSS increases.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2026-03-27 | — | 0.01% | — |
Full EPSS history (1 record total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 3.3 | 3.0 | LOW |
|
1.8 | 1.4 | [email protected] |
GHSA-q35q-xwh9-8pgw · Severity: low — A flaw was found in libssh where it can attempt to open arbitrary files during configuration...
| vendor | priority | summary | link |
|---|---|---|---|
alpine
|
— | CVE-2026-0965: 1 source package rows (libssh); 12 state rows across 2 repos (3.23-community, edge-community); fixed 2, open 10. | https://security.alpinelinux.org/vuln/CVE-2026-0965 |
debian
|
not yet assigned | CVE-2026-0965 not yet assigned priority: Debian including 1 source packages (libssh), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): open 3, resolved 2. | https://security-tracker.debian.org/tracker/CVE-2026-0965 |
redhat
|
low | — | https://access.redhat.com/security/cve/CVE-2026-0965 |
suse
|
low | CVE-2026-0965 severity low: SUSE including 276 source package names (1.1.1-1.40:libssh-config-0.9.8-150600.11.9.1, 1.1.1-1.40:libssh4-0.9.8-150600.11.9.1, …), 428 product×package rows across 85 product lines (Container private-registry/harbor-trivy-adapter, Container suse/ltss/sle12.5/sles12sp5, … (85 product lines)): Known Affected 231, Fixed 187, First Fixed 10. | https://www.suse.com/security/cve/CVE-2026-0965/ |
ubuntu
|
low | CVE-2026-0965 low priority: Ubuntu including 1 source packages (libssh), 7 status rows across 7 suites (bionic, focal, jammy, noble, questing, upstream, xenial): released 7. | https://ubuntu.com/security/CVE-2026-0965 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| libssh | libssh | <= 0.11.3 | cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:* |
| redhat | enterprise_linux | 9.0 | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
| redhat | enterprise_linux | 10.0 | cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2026:18160 | |
| https://access.redhat.com/errata/RHSA-2026:18683 | |
| https://access.redhat.com/security/cve/CVE-2026-0965 | Third Party Advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=2436980 | Third Party Advisory |