{"id":34634,"date":"2026-01-08T09:31:18","date_gmt":"2026-01-08T09:31:18","guid":{"rendered":"http:\/\/localhost\/?p=34634"},"modified":"2026-01-08T09:31:18","modified_gmt":"2026-01-08T09:31:18","slug":"libssh-global-knownhosts-override","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=34634","title":{"rendered":"libssh global known_hosts override_CVE-2025-15079"},"content":{"rendered":"

{“lastseen”:””,”description”:”When doing SSH-based transfers using either SCP or SFTP, and setting the\\nknown_hosts file, libcurl could still mistakenly accept connecting to hosts\\n*not present* in the specified file if they were added as recognized in the\\nlibssh *global* known_hosts file.”,”published”:”2026-01-08T10:08:13.410Z”,”modified”:”2026-01-08T14:46:47.042Z”,”type”:”cve”,”title”:”libssh global known_hosts override”,”source”:”curl”,”references”:”https:\/\/curl.se\/docs\/CVE-2025-15079.json\\nhttps:\/\/curl.se\/docs\/CVE-2025-15079.html\\nhttps:\/\/hackerone.com\/reports\/3477116″,”id”:”CVE-2025-15079″,”bulletinFamily”:””,”cwe”:[“CWE-297″],”cvelist”:null,”sourceData”:”curl curl 8.17.0\\ncurl curl 8.16.0\\ncurl curl 8.15.0\\ncurl curl 8.14.1\\ncurl curl 8.14.0\\ncurl curl 8.13.0\\ncurl curl 8.12.1\\ncurl curl 8.12.0\\ncurl curl 8.11.1\\ncurl curl 8.11.0\\ncurl curl 8.10.1\\ncurl curl 8.10.0\\ncurl curl 8.9.1\\ncurl curl 8.9.0\\ncurl curl 8.8.0\\ncurl curl 8.7.1\\ncurl curl 8.7.0\\ncurl curl 8.6.0\\ncurl curl 8.5.0\\ncurl curl 8.4.0\\ncurl curl 8.3.0\\ncurl curl 8.2.1\\ncurl curl 8.2.0\\ncurl curl 8.1.2\\ncurl curl 8.1.1\\ncurl curl 8.1.0\\ncurl curl 8.0.1\\ncurl curl 8.0.0\\ncurl curl 7.88.1\\ncurl curl 7.88.0\\ncurl curl 7.87.0\\ncurl curl 7.86.0\\ncurl curl 7.85.0\\ncurl curl 7.84.0\\ncurl curl 7.83.1\\ncurl curl 7.83.0\\ncurl curl 7.82.0\\ncurl curl 7.81.0\\ncurl curl 7.80.0\\ncurl curl 7.79.1\\ncurl curl 7.79.0\\ncurl curl 7.78.0\\ncurl curl 7.77.0\\ncurl curl 7.76.1\\ncurl curl 7.76.0\\ncurl curl 7.75.0\\ncurl curl 7.74.0\\ncurl curl 7.73.0\\ncurl curl 7.72.0\\ncurl curl 7.71.1\\ncurl curl 7.71.0\\ncurl curl 7.70.0\\ncurl curl 7.69.1\\ncurl curl 7.69.0\\ncurl curl 7.68.0\\ncurl curl 7.67.0\\ncurl curl 7.66.0\\ncurl curl 7.65.3\\ncurl curl 7.65.2\\ncurl curl 7.65.1\\ncurl curl 7.65.0\\ncurl curl 7.64.1\\ncurl curl 7.64.0\\ncurl curl 7.63.0\\ncurl curl 7.62.0\\ncurl curl 7.61.1\\ncurl curl 7.61.0\\ncurl curl 7.60.0\\ncurl curl 7.59.0\\ncurl curl 7.58.0″,”sourceHref”:””,”cvss”:{“score”:5.3,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:R\/S:U\/C:H\/I:N\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”curl”,”version”:”8.17.0″,”vendor”:”curl”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:””,”description”:”When doing SSH-based transfers using either SCP or SFTP, and setting the\\nknown_hosts file, libcurl could still mistakenly accept connecting to hosts\\n*not present* in the specified…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,22,12,21,13,7,11,5],"class_list":["post-34634","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nlibssh global known_hosts override_CVE-2025-15079 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=34634\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"libssh global known_hosts override_CVE-2025-15079 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:””,”description”:”When doing SSH-based transfers using either SCP or SFTP, and setting thenknown_hosts file, libcurl could still mistakenly accept connecting to hostsn*not present* in the specified...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=34634\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-08T09:31:18+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"libssh global known_hosts override_CVE-2025-15079\",\"datePublished\":\"2026-01-08T09:31:18+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634\"},\"wordCount\":314,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-5.3\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=34634#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634\",\"name\":\"libssh global known_hosts override_CVE-2025-15079 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-01-08T09:31:18+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=34634\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=34634#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"libssh global known_hosts override_CVE-2025-15079\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"libssh global known_hosts override_CVE-2025-15079 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=34634","og_locale":"en_US","og_type":"article","og_title":"libssh global known_hosts override_CVE-2025-15079 - zero redgem","og_description":"{“lastseen”:””,”description”:”When doing SSH-based transfers using either SCP or SFTP, and setting thenknown_hosts file, libcurl could still mistakenly accept connecting to hostsn*not present* in the specified...","og_url":"https:\/\/zero.redgem.net\/?p=34634","og_site_name":"zero redgem","article_published_time":"2026-01-08T09:31:18+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=34634#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=34634"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"libssh global known_hosts override_CVE-2025-15079","datePublished":"2026-01-08T09:31:18+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=34634"},"wordCount":314,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-5.3","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=34634#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=34634","url":"https:\/\/zero.redgem.net\/?p=34634","name":"libssh global known_hosts override_CVE-2025-15079 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-01-08T09:31:18+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=34634#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=34634"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=34634#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"libssh global known_hosts override_CVE-2025-15079"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/34634","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=34634"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/34634\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=34634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=34634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=34634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}