CVE-2026-4115 | PuTTY 0.83 Ed25519 Signature crypto/ecc-ssh.c eddsa_verify signature verification

A vulnerability was found in PuTTY 0.83. It has been declared as problematic. Affected is the function eddsa_verify of the file crypto/ecc-ssh.c of the component Ed25519 Signature Handler. The manipulation results in improper verification of cryptographic signature.

This vulnerability was named CVE-2026-4115. The attack may be performed from remote. In addition, an exploit is available.

The real existence of this vulnerability is still doubted at the moment.

It is advisable to implement a patch to correct this issue.

The vendor was contacted early, responded in a very professional manner and quickly released a patch for the affected product. However, at the moment there is no proof that this flaw might have any real-world impact.

CVE-2026-4115 | PuTTY 0.83 Ed25519 Signature crypto/ecc-ssh.c eddsa_verify signature verification

Post correlati

CVE-2024-38295 | ALCASAR up to 3.6.0 still_connected.php Privilege Escalation

CVE-2024-5846 | Google Chrome up to 125.0.6422.141 PDFium use after free (ID 341095)

CVE-2024-2964 | marubon Pocket News Generator Plugin up to 0.2.0 on WordPress Setting option_page cross-site request forgery

CVE-2024-5202 | OpenText Dimensions RM up to 12.11.1.2/12.11.2.5 Webservices information disclosure