SSHFS Flaws Enable Local Code Execution and File Escape
Two vulnerabilities in sshfs were disclosed and fixed in version 3.7.6; versions 3.7.5 and earlier are affected. The more severe issue, CVE-2026-47187, is a symlink escape flaw: a rogue SFTP server can return unsafe symlink targets that trick the client into reading from or writing to unintended paths on the local filesystem. The second bug, CVE-2026-48711, is an argument injection weakness in hostname parsing that can turn a crafted mount source into an SSH option, enabling arbitrary local command execution under specific conditions and, in some cases, without requiring SSH authentication.
Public technical details and exploit code have now been released, raising the risk of active abuse against systems that use sshfs to mount remote directories over SFTP. The flaws were privately reported by Abhinav Agarwal and addressed through a coordinated release, but defenders are being urged to upgrade immediately to sshfs 3.7.6 or later and verify trusted remote server keys, as a malicious or spoofed server could otherwise trigger client-side compromise.
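Two defensive checks that an SFTP client of this kind needs against the bug classes described above, written as an added illustration for this story rather than taken from sshfs or from the published exploit: containment of a server-supplied symlink target within the mount root, and rejection of a mount source whose user or host part would be read as an option on an ssh command line (the exact injection form is not given above; a leading '-' is assumed as the classic case). Function names and sample inputs are constructed.

```python
import posixpath


class UnsafePath(ValueError):
    """A server-supplied value would make the client act outside the mount."""


def resolve_symlink_target(link_path: str, target: str) -> str:
    """Resolve the target the SFTP server reported for the symlink at link_path.

    Both paths are relative to the mount root, modelled here as '/'. An absolute
    target stays inside the remote tree the client exposes (it is never handed to
    the local filesystem as-is), and a relative target that climbs above the root
    with '..' is refused instead of being mapped onto an unintended local path.
    """
    link_path = "/" + link_path.strip("/")
    if target.startswith("/"):
        candidate = target
    else:
        candidate = posixpath.join(posixpath.dirname(link_path), target)
    # posixpath.normpath('/../x') quietly yields '/x', so count the climb
    # explicitly rather than trusting normpath to surface the escape.
    depth = 0
    for part in candidate.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            depth -= 1
            if depth < 0:
                raise UnsafePath(f"{link_path} -> {target!r} escapes the mount root")
        else:
            depth += 1
    return posixpath.normpath(candidate)


def split_mount_source(source: str) -> tuple[str, str, str]:
    """Split '[user@]host:[path]' and refuse a user or host starting with '-',
    which a downstream ssh(1) command line could read as an option.
    Bracketed IPv6 hosts are accepted; anything else is treated as a name."""
    if source.startswith("[") or "@[" in source:
        userpart, _, rest = source.partition("[")
        host, sep, path = rest.partition("]:")
        user = userpart.rstrip("@")
    else:
        hostpart, sep, path = source.partition(":")
        user, _, host = hostpart.rpartition("@")  # user is '' when no '@'
    if not sep or not host:
        raise UnsafePath(f"mount source must look like [user@]host:[path]: {source!r}")
    if user.startswith("-") or host.startswith("-"):
        raise UnsafePath(f"refusing option-like mount source: {source!r}")
    return user, host, path
```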

How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
Public exploit details released for sshfs vulnerabilities
Public technical details and exploit code became available for the sshfs flaws CVE-2026-47187 and CVE-2026-48711, increasing the urgency to upgrade affected installations.
GitHub publishes advisory for Froxlor CVE-2026-41236
GitHub published an advisory for CVE-2026-41236, describing the Froxlor SSH key synchronization flaw and noting that version 2.3.7 contains the patch.
sshfs 3.7.6 fixes CVE-2026-47187 and CVE-2026-48711
The sshfs maintainers addressed two privately reported vulnerabilities in a coordinated release of version 3.7.6: a symlink escape flaw enabling local file read/write via a rogue SFTP server and an SSH argument injection flaw enabling local command execution.
Froxlor publishes advisory for symlink-based root privilege escalation
A GitHub security advisory disclosed a symlink-following vulnerability in Froxlor 2.3.6 that lets a shell-enabled customer redirect SSH key synchronization to /root/.ssh/authorized_keys and gain root SSH access when the privileged cron task runs.
Sources
SSHFS Command Execution Exploit Code Released Publicly (securityonline.info)
CVE-2026-41236 - Froxlor has privilege escalation in SSH key synchronization via symlinked `authorized_keys` path (cvefeed.io)
Privilege escalation in SSH key synchronization via symlinked `authorized_keys` path · Advisory · froxlor/froxlor (github.com)
oss-sec: CVE-2026-47187, CVE-2026-48711: sshfs <= 3.7.5 symlink escape (local file read/write) and ssh argument injection (local command execution) (seclists.org)