CVE-2026-48859 | Erlang OTP up to 29.0.1 lib/ssh/src/ssh_auth.erl timing discrepancy (GHSA-3w6p-vwhf-wvp4)

A vulnerability classified as problematic was found in Erlang OTP up to 29.0.1. This affects an unknown function in the library lib/ssh/src/ssh_auth.erl. Such manipulation leads to observable timing discrepancy.

This vulnerability is uniquely identified as CVE-2026-48859. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is advised.VulDB Recent EntriesRead More