CVE-2026-48850 | THREATINT

Description

PuTTY 0.72 before 0.84 has a double free in RSA KEX.

PUBLISHED Reserved 2026-05-25 | Published 2026-05-25 | Updated 2026-05-26 | Assigner mitre

LOW: 3.7CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Problem types

CWE-415 Double Free

Product status

Default status

unaffected

0.72 (custom) before 0.84

affected

References

lists.tartarus.org/pipermail/putty-announce/2026/000042.html

www.chiark.greenend.org.uk/...shlist/rsakex-double-free.html

cve.org (CVE-2026-48850)

nvd.nist.gov (CVE-2026-48850)

Download JSON

help @ threatint.eu