CVE-2026-48851

CVSS 3.1 · Low EPSS 0.03% · P9 Updated May 26, 2026

Possible ATT&CK Techniques 1AI

T1190 · Exploit Public-Facing Application

Affected Version Matrix 1

Vendor	Product	Version Range	Status
PuTTY	PuTTY	`0.77< 0.84`	affected

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-48851

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

PuTTY 0.77 before 0.84 uses a copy of the PuTTY icon as a trust indication for TELNET data but the trust status is not cleared between proxy authentication and the main session.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

关键信息的UI错误表达

Source: NVD (National Vulnerability Database)

Vulnerability Title

PuTTY 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

PuTTY是Simon Tatham个人开发者的一套免费的Telnet、Rlogin和SSH客户端软件。该软件主要用于对Linux系统进行远程管理。 PuTTY 0.84之前版本存在安全漏洞，该漏洞源于使用PuTTY图标副本作为TELNET数据的信任指示，但代理认证和主会话之间未清除信任状态。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
PuTTY	PuTTY	0.77 ~ 0.84	-

II. Public POCs for CVE-2026-48851

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2026-48851

请登录查看更多情报信息。

Vendor Advisories for CVE-2026-48851 (1)

🔗 PuTTY vulnerability telnet-trust-sigil

Mailing List Discussions for CVE-2026-48851 (1)

🔗 PuTTY 0.84 is released

https://nvd.nist.gov/vuln/detail/CVE-2026-48851

Same Patch Batch · PuTTY · 2026-05-25 · 3 CVEs total

CVE-2026-48850	3.7 LOW	PuTTY 资源管理错误漏洞
CVE-2026-48852	3.7 LOW	PuTTY 安全漏洞

IV. Related Vulnerabilities

Same product: PuTTY

Same vendor: PuTTY

Same weakness: CWE-451

V. Comments for CVE-2026-48851

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2026-48851

Possible ATT&CK Techniques 1AI

Affected Version Matrix 1

I. Basic Information for CVE-2026-48851

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2026-48851

III. Intelligence Information for CVE-2026-48851

Vendor Advisories for CVE-2026-48851 (1)

Mailing List Discussions for CVE-2026-48851 (1)

Same Patch Batch · PuTTY · 2026-05-25 · 3 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2026-48851

Leave a comment