PatchSiren cyber security CVE debrief

CVE-2026-0965 Red Hat CVE debrief

CVE-2026-0965 is a low-severity local denial-of-service issue in libssh. During configuration parsing, the affected versions may attempt to open arbitrary files. In misconfigured deployments, or when a malicious configuration file is supplied, the library can be made to open sensitive targets such as block devices or large system files, disrupting normal operation of the service that uses it.

Vendor: Red Hat
Product: Unknown
CVSS: LOW 3.3
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-03-26
Original CVE updated: 2026-05-19
Advisory published: 2026-03-26
Advisory updated: 2026-05-19

Who should care

Administrators and application teams that deploy libssh, especially where configuration files may be user-controlled or where the library is packaged in Red Hat Enterprise Linux environments. Security teams managing Red Hat errata and embedded libssh dependencies should also review exposure.

Technical summary

NVD lists libssh versions through 0.11.3 as vulnerable and maps the issue to CWE-73 (External Control of File Name or Path). The CVSS v3.0 vector is AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L, indicating a local attack with low privileges and availability impact only. The reported behavior is arbitrary file opening during configuration parsing, which can lead to DoS when dangerous files are accessed.

Defensive priority

Low

Recommended defensive actions

  • Apply vendor fixes and update affected libssh packages beyond the vulnerable range reported by NVD (through 0.11.3).
  • Review any workflows that allow untrusted or attacker-influenced configuration files and stop them from reaching libssh parsing paths.
  • Limit local access and follow least-privilege practices for services that use libssh.
  • Check Red Hat advisories and errata for the applicable platform packages and confirm remediation is installed.
  • Monitor for abnormal file-access errors or service instability around configuration parsing, especially on systems handling custom configs.
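As an added example (not code from this debrief or from the libssh project), the guard below shows one way to keep an operator-supplied configuration path away from the parser unless it is a regular file of plausible size, which addresses the block-device and large-file cases the advisory names. It assumes an application that would otherwise pass the path straight to libssh's ssh_options_parse_config(); the names config_file_is_safe, classify_config_stat and the verdict enum are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Verdicts for an operator-supplied configuration path (hypothetical names). */
enum cfg_verdict {
    CFG_OK = 0,
    CFG_OPEN_FAILED,  /* missing, unreadable, or a symlink (refused by O_NOFOLLOW) */
    CFG_NOT_REGULAR,  /* block/char device, FIFO, socket or directory */
    CFG_TOO_LARGE     /* larger than any plausible ssh_config */
};

/* Pure policy on stat() results, kept separate so it can be tested offline. */
enum cfg_verdict classify_config_stat(const struct stat *st, off_t max_bytes)
{
    if (!S_ISREG(st->st_mode))
        return CFG_NOT_REGULAR;
    if (st->st_size > max_bytes)
        return CFG_TOO_LARGE;
    return CFG_OK;
}

/* Open without following symlinks and without blocking (a FIFO or a device
 * could otherwise stall the caller), then judge the descriptor, not the name,
 * so the file cannot be swapped between the check and the parse. */
enum cfg_verdict config_file_is_safe(const char *path, off_t max_bytes)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK | O_CLOEXEC);
    if (fd < 0)
        return CFG_OPEN_FAILED;
    struct stat st;
    enum cfg_verdict v = (fstat(fd, &st) == 0) ? classify_config_stat(&st, max_bytes)
                                               : CFG_OPEN_FAILED;
    close(fd);
    return v;
}

int main(int argc, char **argv)
{
    /* Default target is /dev/null: a character device that must be refused. */
    const char *path = argc > 1 ? argv[1] : "/dev/null";
    static const char *names[] = {"ok", "open failed", "not a regular file", "too large"};
    enum cfg_verdict v = config_file_is_safe(path, 64 * 1024);
    printf("%s: %s\n", path, names[v]);
    /* Only on CFG_OK would the path go on to ssh_options_parse_config(). */
    return v == CFG_OK ? 0 : 1;
}
```

The gate covers only the top-level path handed to the parser; anything the parser opens on its own while reading the file is addressed by the vendor fix, not by this check.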

Evidence notes

The supplied official data shows CVE publication on 2026-03-26 and a later NVD modification on 2026-05-19. NVD marks libssh as vulnerable through 0.11.3 and includes Red Hat Enterprise Linux 9.0 and 10.0 CPE entries. The mapped weakness is CWE-73, and the CVSS vector indicates a local, low-privilege availability issue. Red Hat references include RHSA-2026:18160, RHSA-2026:18683, a Red Hat CVE page, and a Bugzilla record. No KEV listing or ransomware linkage was provided in the source corpus.

Official resources

Published by NVD/CVE on 2026-03-26T21:17:00.607Z and last modified on 2026-05-19T14:16:33.803Z. No KEV entry was present in the supplied data.