Unrated severityOSV Advisory· Published Jan 6, 2026· Updated Jan 6, 2026
Client SCP Request Triggers Buffer Overread by 1 Byte
CVE-2025-15382
Description
A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath() function in wolfSSH. An authenticated remote attacker can trigger the issue via crafted SCP path input containing '/./' sequences, resulting in a heap over read by 1 byte.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.