CVE-2026-0965: External Control of File Name or Path in Red Hat Enterprise Linux 10
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file, or the flaw can be triggered when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try to access dangerous files, such as block devices or large system files, which can disrupt normal operations.
AI Analysis
Technical Summary
This vulnerability involves libssh in Red Hat Enterprise Linux 10 attempting to open arbitrary files during configuration parsing. A local attacker with low privileges can exploit this by providing a crafted configuration file or exploiting system misconfiguration, potentially causing a Denial of Service by accessing dangerous files. The CVSS v3.0 base score is 3.3, reflecting low severity with local attack vector, low complexity, and no impact on confidentiality or integrity, only availability.
Potential Impact
The impact is limited to a Denial of Service condition caused by the system attempting to open arbitrary files, which may disrupt normal operations. There is no confidentiality or integrity impact reported. No known exploits are currently in the wild.
Mitigation Recommendations
Patch status is not yet confirmed — check the Red Hat advisory at https://access.redhat.com/security/cve/CVE-2026-0965 for current remediation guidance. Until a patch or official fix is confirmed, avoid using untrusted configuration files and ensure system configurations are secure to prevent exploitation.
Technical Details
- Data Version: 5.2
- Assigner Short Name: redhat
- Date Reserved: 2026-01-14T21:54:51.315Z
- CVSS Version: 3.0
- State: PUBLISHED
- Vendor Advisory URLs: Red Hat, https://access.redhat.com/security/cve/CVE-2026-0965
Threat ID: 69c6c6933c064ed76fdc2993
Added to database: 3/27/2026, 6:04:03 PM
Last enriched: 5/2/2026, 1:56:38 AM
Last updated: 5/12/2026, 3:41:42 AM