3.7
CVE-2026-48852
- EPSS 0.27%
- Veröffentlicht 25.05.2026 20:19:20
- Zuletzt bearbeitet 27.05.2026 19:11:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.27% | 0.189 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cve@mitre.org | 3.7 | 2.2 | 1.4 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
|
CWE-617 Reachable Assertion
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
https://lists.tartarus.org/pipermail/putty-announce/2026/000042.html
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ecdsa-remotely-triggerable-assertion.html