CVE-2026-32147: SFTP chroot bypass via path traversal in SSH_FXP_FSETSTAT
Overview
- Severity
- N/A
- Exploit Status
- Not Exploited
- Patch Tuesday
- 2026-Apr
- Released
- 2026-04-26
- EPSS Score
- 0.02% (percentile: 4.0%)
Affected Products (2)
Open Source Software
- azl3 erlang 26.2.5.18-1 on Azure Linux 3.0
- cbl2 erlang 25.3.2.21-5 on CBL Mariner 2.0
Revision History
- 2026-04-26: Information published.