Every CVE whose affected-product data names Erlang Erlang/ssh, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2026-48855 — CVSS 6.5 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery. The…
CVE-2026-23942 — CVSS 5.4 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (ssh_sftpd module) allows Path…
CVE-2026-23943 — CVSS 5.3 (medium): Improper Handling of Highly Compressed Data (Compression Bomb) vulnerability in Erlang OTP ssh (ssh_transport modules) allows Denial of…
CVE-2026-32147 — CVSS 4.3 (medium): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an…
CVE-2026-53422 — CVSS 4.3 (medium): Observable Response Discrepancy vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to enumerate the…
CVE-2026-54886 — CVSS 4.3 (medium): Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user…