scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations.
Metrics
Affected Vendors & Products
References
History
Sat, 11 Jul 2026 00:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | openssh: OpenSSH: `scp` file misplacement vulnerability during remote copy | |
| Weaknesses | CWE-22 | |
| References |
| |
| Metrics |
threat_severity
|
threat_severity
|
Fri, 10 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | scp Remote-to-Remote Transfer Improper File Placement |
Thu, 09 Jul 2026 11:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | scp Remote-to-Remote Transfer Improper File Placement |
Wed, 08 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 01:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations. | |
| First Time appeared |
Openbsd
Openbsd openssh |
|
| Weaknesses | CWE-23 | |
| CPEs | cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Openbsd
Openbsd openssh |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: mitre
Published: 2026-07-08T00:07:07.759Z
Updated: 2026-07-08T13:03:41.694Z
Reserved: 2026-07-08T00:07:07.370Z
Link: CVE-2026-59996
Updated: 2026-07-08T13:03:38.853Z
No data.