CVE-2025-5318 – Libssh SFTP Out-of-Bounds Read Vulnerability

June 24, 2025

CVE ID : CVE-2025-5318

Published : June 24, 2025, 2:15 p.m. | 23 minutes ago

Description : A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.

Severity: 5.4 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6032 – Podman TLS Certificate Verification Bypass Vulnerability

Next Article CVE-2025-27828 – Mitel MiContact Center Business Reflected Cross-Site Scripting Vulnerability

Google’s Agent2Agent protocol finds new home at the Linux Foundation

Decoding The SVG path Element: Curve And Arc Commands

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

The Lenovo Legion Go 2 gets its first release date tease, which could be accurate — but treat with the biggest pinch of salt

Denmark will stick with Windows — government still plans to ditch Microsoft Office

OneDrive user locked out of “30 years worth of photos and work” without any support — calls Microsoft a “Kafkaesque black hole”

Best PHP Project for Final Year Students: Learn, Build, and get Successful with PHPGurukul

Best PHP Project for Final Year Students: Learn, Build, and get Successful with PHPGurukul

Community News: Latest PECL Releases (06.24.2025)

JSON module scripts are now Baseline Newly Available

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

Summer Game Fest had a bit of a “weird” vibe this year — an extremely mixed bag of weak presentations and interesting titles

The Lenovo Legion Go 2 gets its first release date tease, which could be accurate — but treat with the biggest pinch of salt

Denmark will stick with Windows — government still plans to ditch Microsoft Office

CVE-2025-5318 – Libssh SFTP Out-of-Bounds Read Vulnerability

Multiple vulnerabilities in Sitecore CMS | Kaspersky official blog

Don’t panic, but it’s only a matter of time before critical ‘CitrixBleed 2’ is under attack

GraphCast: AI model for faster and more accurate global weather forecasting

CVE-2025-46217 – Apache HTTP Server Cross-Site Request Forgery

Using Database Comments to Track Columns With Sensitive Data

CVE-2025-5872 – eGauge EG3000 Energy Monitor Authentication Bypass Vulnerability

Graph-powered authorization: Relationship based access control for access management

Microsoft fixes Chrome’s washed-out (dull) HDR colours on Windows 11 24H2

CVE-2025-20202 – Cisco IOS XE Wireless Controller Software CDP Neighbor Report Denial of Service Vulnerability

CVE-2025-22859 – FortiClientEMS Relative Path Traversal File Write Vulnerability

CVE-2025-5318 – Libssh SFTP Out-of-Bounds Read Vulnerability

Related Posts