CVE-2025-5318
HIGHEPSS 82th pctlDescription
A flaw was found in the libssh library in versions less than 0.11.2. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
CVSS v3 Vector
Exploitability
Impact
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Exploit Intelligence
Elevated risk: more likely to be exploited than 82% of all known CVEs.
References
- https://access.redhat.com/errata/RHSA-2025:18231
- https://access.redhat.com/errata/RHSA-2025:18275
- https://access.redhat.com/errata/RHSA-2025:18286
- https://access.redhat.com/errata/RHSA-2025:19012
- https://access.redhat.com/errata/RHSA-2025:19098
- https://access.redhat.com/errata/RHSA-2025:19101
- https://access.redhat.com/errata/RHSA-2025:19295
- https://access.redhat.com/errata/RHSA-2025:19300
- https://access.redhat.com/errata/RHSA-2025:19313
- https://access.redhat.com/errata/RHSA-2025:19400
- https://access.redhat.com/errata/RHSA-2025:19401
- https://access.redhat.com/errata/RHSA-2025:19470
- https://access.redhat.com/errata/RHSA-2025:19472
- https://access.redhat.com/errata/RHSA-2025:19807
- https://access.redhat.com/errata/RHSA-2025:19864
- https://access.redhat.com/errata/RHSA-2025:20943
- https://access.redhat.com/errata/RHSA-2025:21013
- https://access.redhat.com/errata/RHSA-2025:21329
- https://access.redhat.com/errata/RHSA-2025:21829
- https://access.redhat.com/errata/RHSA-2025:22275
- https://access.redhat.com/errata/RHSA-2025:23078
- https://access.redhat.com/errata/RHSA-2025:23079
- https://access.redhat.com/errata/RHSA-2025:23080
- https://access.redhat.com/errata/RHSA-2026:0326
- https://access.redhat.com/errata/RHSA-2026:1541
- https://access.redhat.com/errata/RHSA-2026:3461
- https://access.redhat.com/errata/RHSA-2026:3462
- https://access.redhat.com/security/cve/CVE-2025-5318
- https://bugzilla.redhat.com/show_bug.cgi?id=2369131
- https://www.libssh.org/security/advisories/CVE-2025-5318.txt
Find and fix vulnerabilities across your fleet
TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.
Start freeThis product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-02-27.