Resource exhaustion in Erlang Otp

CVE-2026-54886

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handle_data/4 function in ssh_sftpd contai…

Vulnerability class: DoS (Denial of Service)

Affected products

  • Erlang Otp — versions 3.0.1, 17.0, 84adefa3318eef8631bf25cd233246a86eea18cd

Weakness classification (CWE)

References