SecAlerts
CVE ListPricingSign Up
PuTTY logo

PuTTY

Security Risk Profile

18
/100
low

Security Risk Score

Comprehensive risk assessment based on 40 vulnerabilities, EPSS scores, exploitation status, and remediation availability.

📅 Data spans from June 1, 2000 to present

40
Total CVEs
20
Critical+High
0
Exploited
11
Unpatched

Threat Assessment

Avg CVSS
6.7
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
11
Critical/High
Risk Level
18/100
low
🆕 4Fresh (<7d)📈 4 in Last 30 Days

Severity Distribution

Critical
9
High
11
Medium
8
Low
8

Exploit Likelihood

>50% chance
0
20-50%
0
5-20%
0
<5%
2

Age Distribution

Common Weaknesses (CWE)

1
Buffer Overflow
11
2
Input Validation
4
3
Infoleak
2
4
Integer Overflow
2
5
Double Free
1

Most Affected Products

1. Putty PuTTY161
2. WinSCP WinSCP39
3. Cisco IOS32
4. Fedoraproject Fedora17
5. Fortinet FortiSIEM11

Recent Vulnerabilities

See more →
CVE-2026-48852
CVSS 3.7low
5/25/2026🔧 No Patch
CVE-2026-48851
CVSS 3.1low
5/25/2026🔧 No Patch
CVE-2026-48850
CVSS 3.7low
5/25/2026🔧 No Patch
https://seclists.org/oss-sec/2026/q2/688
unknown

PuTTY 0.84 leased with 3 minor security fixes

5/24/2026🔧 No Patch
CVE-2026-4115
CVSS 2.9EPSS 0%low

PuTTY Ed25519 Signature ecc-ssh.c eddsa_verify signature verification

3/22/2026🔧 No Patch
https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/
unknown

PuTTY SSH client flaw allows recovery of cryptographic private keys

4/16/2024🔧 No Patch
https://seclists.org/oss-sec/2024/q2/122
unknown

CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client

4/15/2024🔧 No Patch
CVE-2024-31497
CVSS 5.9EPSS 0%medium

Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client

4/15/2024
https://seclists.org/oss-sec/2023/q4/297
unknown

CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)

12/19/2023🔧 No Patch
CVE-2023-48795
CVSS 6.0medium

OpenSSH Terrapin attack (CVE-2023-48795)

12/12/2023

Monitor PuTTY in Real-Time

Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
Powered bySecAlerts

Monitor Your Software Stack in Real-Time

Get instant alerts when vulnerabilities are discovered in your software stack. Stay ahead of security threats with SecAlerts.

Start Free TrialBook a Demo
AboutNewsDocumentationTermsContact

© 2026 SecAlerts Pty Ltd. All rights reserved.