The reporter of vuln-pscp-sink-sscanf asked for a key to encrypt the vulnerability report with, and having generated one, it seemed like a good idea to make it part of the official PuTTY GPG key set and publish it for the next person to use.