CVE-2026-49238 | Canonical Multipass up to 1.16.2 Host-side SFTP Server sftp_server.cpp path traversal (GHSA-rhp2-23c4-r34w)

Inserito da Angelo Barbosa | Mag 28, 2026 | CVE

A vulnerability has been found in Canonical Multipass up to 1.16.2 and classified as critical. Affected is an unknown function of the file src/sshfs_mount/sftp_server.cpp of the component Host-side SFTP Server. The manipulation leads to path traversal.

This vulnerability is documented as CVE-2026-49238. The attack needs to be performed locally. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-49238 | Canonical Multipass up to 1.16.2 Host-side SFTP Server sftp_server.cpp path traversal (GHSA-rhp2-23c4-r34w)

Post correlati

CVE-2026-2213 | code-projects Online Music Site 1.0 AdminAddAlbum.php txtimage unrestricted upload

CVE-2026-6560 | H3C Magic B0 up to 100R002 /goform/aspForm Edit_BasicSSID param buffer overflow

CVE-2025-1564 | Select-Themes SetSail Membership Plugin up to 1.0.3 on WordPress Social Login authentication bypass

CVE-2024-2865 | Mergen Software Quality Management System up to 25032024 sql injection