Product
CVE-2026-59996 details a vulnerability in OpenSSH's `scp` utility, allowing a remote attacker to cause a copied file to be placed in a parent directory of the intended destination during a remote-to-remote transfer, potentially leading to unintended file system modification.