PuTTY versions 0.72 through 0.83 contain a double free bug in the RSA key exchange routine. The vulnerability manifests when the client releases memory twice while processing the RSA parameters received from the server, causing heap corruption. If an attacker can control these parameters, they may exploit the corruption to gain arbitrary code execution or cause a denial of service by crashing the client. The core weakness is reflected in CWE‑415.

The affected products are PuTTY version 0.72, 0.73, 0.74, 0.75, 0.76, 0.77, 0.78, 0.79, 0.80, 0.81, 0.82, and 0.83. Any system using one of these releases as the SSH client is vulnerable; the next major release, 0.84, contains the fix.

The CVSS score of 3.7 indicates moderate severity, and no EPSS score is currently published, so the likelihood of exploitation is unclear. The vulnerability is not listed in the CISA KEV catalog, suggesting no confirmed widespread exploitation. The likely attack vector is remote, stemming from an SSH connection with a malicious server, as the issue is triggered during the RSA key exchange process. Without an automated exploitation tool, the risk remains relatively low but still significant enough to warrant a patch.