VDB

GO-2026-4697

GO-2026-4697 PUBLISHED

SFTPGo improperly sanitizes placeholders in group home directories/key prefixes in github.com/drakkan/sftpgo

Affected Products

VendorProductVersions
github.comdrakkan/sftpgo/v22.3.0, 2.3.0
github.comdrakkan/sftpgo0, 0

Timeline

  • Mar 16, 2026 CVE Published
  • Mar 23, 2026 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›