CVE-2025-15079
CVE Information
CVE ID
CVE-2025-15079
Severity
MEDIUM
CVSS 5.3
Publish Date
2026-01-08
Description
When doing SSH-based transfers using either SCP or SFTP, and setting the known_hosts file, libcurl could still mistakenly accept connecting to hosts *not present* in the specified file if they were added as recognized in the libssh *global* known_hosts file.
Collection Date
2026-02-05
Impact Summary
Affected Hosts
3
Related Incidents
0
Related Alerts
0
Affected Hosts (3)
| Hostname | OS Type | Severity | Total CVEs |
|---|---|---|---|
| in-bridge-40 | LINUX | CRITICAL | 396 |
| inbridge-ubt-24 | LINUX | CRITICAL | 2336 |
| inbridge-42 | LINUX | CRITICAL | 148 |