File Download Vulnerability in OpenSSH SFTP from Attacker-Controlled Servers
CVE-2026-59995
4.2MEDIUM
What is CVE-2026-59995?
A vulnerability exists in the SFTP component of OpenSSH prior to version 10.4 that potentially allows an attacker to exploit the file download functionality. Specifically, when using the command 'sftp server:/path .', the application does not adequately restrict the locations of the downloaded files if sourced from an attacker-controlled server. This could lead to unauthorized file access or overwriting of sensitive files, which poses a significant risk to the integrity and security of data managed by affected systems.
Affected Version(s)
OpenSSH 0 < 10.4