Paramiko — CVE history (PyPI)
Paramiko
2 CVEs affect the Paramiko PyPI package (highest CVSS 5.9). Latest disclosed: 2026-05-06. Full CVE history sourced from NVD.
Summary
- Package
Paramiko(PyPI)- Total CVEs
2- Actively exploited (CISA KEV)
- 0
- Highest CVSS
5.9- Latest disclosed
- 2026-05-06
Recent CVEs (top 2)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2026-44405 | Low | 3.4 | — | 2026-05-06 | In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm. |
CVE-2023-48795 | Medium | 5.9 | — | 2023-12-18 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and… |
All-time worst (top 2 by CVSS)
| CVE | Severity | CVSS | KEV | Published | Summary |
|---|---|---|---|---|---|
CVE-2023-48795 | Medium | 5.9 | — | 2023-12-18 | The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and… |
CVE-2026-44405 | Low | 3.4 | — | 2026-05-06 | In Paramiko through 4.0.0 before a448945, rsakey.py allows the SHA-1 algorithm. |