CVE-2019-9894 (putty)

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.
Source: NIST