CVE-2025-5318HIGH 8.1EPSS p81.8%

CVE-2025-5318CVE-2025-5318

Description

A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS2.39% probability of exploitation · percentile 81.8% · 2026-06-19T12:03:05Z
Published2025-06-24
Last modified2026-02-27

Underlying weaknesses· 1

CWE-125

References

  1. https://access.redhat.com/errata/RHSA-2025:18231
  2. https://access.redhat.com/errata/RHSA-2025:18275
  3. https://access.redhat.com/errata/RHSA-2025:18286
  4. https://access.redhat.com/errata/RHSA-2025:19012
  5. https://access.redhat.com/errata/RHSA-2025:19098
  6. https://access.redhat.com/errata/RHSA-2025:19101
  7. https://access.redhat.com/errata/RHSA-2025:19295
  8. https://access.redhat.com/errata/RHSA-2025:19300

1

TypeTargetConfidenceTier
WeaknessOut-of-bounds Readcwe-1250%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-11624
CVE
CVE-2025-5372
CVE
CVE-2025-5987
CVE
CVE-2025-15382
CVE
CVE-2025-48038
CVE
CVE-2025-5357
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.