Product
wolfssh
7 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-0930
CVE-2025-15382
CVE-2025-14942
CVE-2025-11625
CVE-2025-11624
CVE-2024-2873
CVE-2022-32073
>= 1.4.15 and < 1.5.0
Potential read out of bounds case with wolfSSHd on Windows while handling a terminal resize request. An authenticated user could�
>= 1.4.12 and < 1.4.22
A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can
< 1.4.22
wolfSSH’s key exchange state machine can be manipulated to leak the client’s password in the clear, trick the client to send a
<= 1.4.20
Improper host authentication vulnerability in wolfSSH version 1.4.20 and earlier clients that allows authentication bypass and lea
>= 1.3.0 and <= 1.4.20
Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the
< 1.4.17
A vulnerability was found in wolfSSH's server-side state machine before versions 1.4.17. A malicious client could create channels
all versions
WolfSSH v1.4.7 was discovered to contain an integer overflow via the function wolfSSH_SFTP_RecvRMDIR.