PT-2026-50528 · Libssh2 · Libssh2
Tristan Madani · Published 2026-06-17 · Updated 2026-06-17 · CVE-2026-55200
CVSS v3.1: 8.1 (High)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
libssh2 versions prior to commit 7acf3df
Description
An out-of-bounds write occurs in the ssh2 transport read() function because it fails to enforce upper bounds on the packet length field. Remote attackers can send crafted SSH packets with excessively large packet length values to corrupt heap memory, potentially leading to remote code execution.
Recommendations
Update to the version containing commit 7acf3df.
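The kind of bounds check the description says was missing, shown as an added example; it is not libssh2's code and not the change in commit 7acf3df. All `ex_`/`EX_` names and the 35000-byte cap (taken from the RFC 4253 section 6.1 minimum every implementation must handle) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Assumed cap: RFC 4253 section 6.1 requires handling total packets of up
 * to 35000 bytes. Illustrative value, not libssh2's own limit. */
#define EX_MAX_PACKET_LEN 35000u
/* padding_length byte plus the 4-byte minimum padding (RFC 4253 section 6) */
#define EX_MIN_PACKET_LEN 5u

enum ex_status { EX_OK = 0, EX_NEED_MORE, EX_TOO_SMALL, EX_TOO_LARGE,
                 EX_BAD_PADDING };

/* Read the big-endian uint32 packet_length from the first 4 header bytes. */
static uint32_t ex_read_u32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Validate packet_length and padding_length before either value is used to
 * size a copy or an allocation.
 * hdr/avail: decrypted bytes received so far; buf_cap: destination size.
 * On EX_OK, *payload_len holds the payload size in bytes. */
enum ex_status ex_check_header(const uint8_t *hdr, size_t avail,
                               size_t buf_cap, size_t *payload_len)
{
    uint32_t packet_len;
    uint8_t padding_len;

    if (avail < 5)
        return EX_NEED_MORE;
    packet_len = ex_read_u32(hdr);
    padding_len = hdr[4];

    if (packet_len < EX_MIN_PACKET_LEN)
        return EX_TOO_SMALL;
    /* Upper bound: reject before the value reaches any size arithmetic. */
    if (packet_len > EX_MAX_PACKET_LEN || (size_t)packet_len > buf_cap)
        return EX_TOO_LARGE;
    /* Padding is at least 4 bytes and must fit inside the packet. */
    if (padding_len < 4 || (uint32_t)padding_len > packet_len - 1)
        return EX_BAD_PADDING;

    *payload_len = (size_t)packet_len - padding_len - 1;
    return EX_OK;
}
```

Checking against both the protocol cap and the actual destination capacity matters: a length that is protocol-legal can still exceed a smaller receive buffer.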
Fix
RCE
Affected Products
Libssh2