A vulnerability categorized as problematic has been discovered in OpenBSD OpenSSH up to 10.3. This impacts an unknown function of the component SCP. Such manipulation leads to path traversal.

This vulnerability is listed as CVE-2026-59996. The attack may be performed from remote. There is no available exploit.