PT-2026-32042 · Phpseclib · Phpseclib

Published: 2026-04-10 · Updated: 2026-05-08 · CVE-2026-40194

CVSS v3.1: 3.7 (Low)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: phpseclib versions 1.0 through 3.0.50
Description: phpseclib versions prior to 3.0.51, 2.0.53, and 1.0.28 have a timing issue in the phpseclib\Net\SSH2::get_binary_packet() function. The use of PHP's != operator for comparing SSH packet HMACs results in a variable-time comparison, potentially leaking information about the HMAC. This is due to PHP's != operator on binary strings using memcmp(), which short-circuits on the first differing byte. While the severity is considered low, as practical exploitation is prevented by SSH's disconnect behavior and per-connection session keys, it represents a cryptographic hygiene issue. The vulnerable code path is reached on every received SSH packet when using non-AEAD ciphers and MAC algorithms. The issue exists across all supported branches (master, 3.0, 2.0, 1.0).
Recommendations: Update to phpseclib version 3.0.51 or later. Update to phpseclib version 2.0.53 or later. Update to phpseclib version 1.0.28 or later.
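
The comparison pattern from the description, next to a constant-time check, as an added example that is not phpseclib's own code and is not claimed to be the exact patch. The function names, key, sequence number and packet body are constructed for illustration; hash_equals() is PHP's built-in timing-safe string comparison.

```php
<?php
declare(strict_types=1);

// Constructed sample values; a real SSH session derives the MAC key per connection.
$macKey  = random_bytes(32);
$seqNo   = 7;
$payload = "constructed packet body";

// SSH MAC input (RFC 4253): uint32 sequence number followed by the unencrypted packet.
function compute_mac(string $key, int $seq, string $packet): string
{
    return hash_hmac('sha256', pack('N', $seq) . $packet, $key, true);
}

// Pattern the advisory describes: != on binary strings returns as soon as
// the first differing byte is found, so run time depends on the data.
function verify_variable_time(string $expected, string $received): bool
{
    return !($expected != $received);
}

// Hardened form: hash_equals() inspects every byte regardless of where the
// first mismatch is. A length mismatch returns false; the MAC length is fixed
// by the negotiated algorithm and is not secret.
function verify_constant_time(string $expected, string $received): bool
{
    return hash_equals($expected, $received);
}

$good = compute_mac($macKey, $seqNo, $payload);

// Constructed bad inputs: one flipped bit in the last byte, and a truncated MAC.
$tampered     = $good;
$tampered[31] = chr(ord($tampered[31]) ^ 0x01);
$cases = [
    'valid'             => $good,
    'last byte flipped' => $tampered,
    'truncated'         => substr($good, 0, 16),
];

// Both checks agree on accept/reject; only their timing behaviour differs.
foreach ($cases as $label => $mac) {
    printf(
        "%-18s variable-time=%-5s constant-time=%s\n",
        $label,
        var_export(verify_variable_time($good, $mac), true),
        var_export(verify_constant_time($good, $mac), true)
    );
}
```

When reviewing other code for the same pattern, look for ==, !=, === or strcmp() applied to MACs, signatures or tokens.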

Related Identifiers

CVE-2026-40194
GHSA-R854-JRXH-36QX

Affected Products

Phpseclib