libssh2: Fix of CVE-2026-7598

🗓️ 14 May 2026 19:22:04Reported by CloudLinuxType

cloudlinux

cloudlinux🔗 repo.cloudlinux.com👁 3 Views

Libssh2 fixes CVE-2026-7598 by bounding username and password lengths to prevent overflow.

Reporter	Title	Published	Views	Family All 41
ATTACKERKB	CVE-2026-7598	1 May 202621:30	–	attackerkb
AlpineLinux	CVE-2026-7598	1 May 202621:30	–	alpinelinux
Tenable Nessus	Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-7598)	6 May 202600:00	–	nessus
Tenable Nessus	Fedora 44 : libssh2 (2026-f87ac8187c)	30 May 202600:00	–	nessus
Tenable Nessus	Ubuntu 24.04 LTS / 25.10 / 26.04 LTS : libssh2 vulnerability (USN-8309-1)	27 May 202600:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2026-7598	2 May 202600:00	–	nessus
CBLMariner	CVE-2026-7598 affecting package libssh2 for versions less than 1.11.1-2	6 May 202600:10	–	cbl_mariner
Circl	CVE-2026-7598	6 May 202617:01	–	circl
CNNVD	libssh2 数字错误漏洞	1 May 202600:00	–	cnnvd
CVE	CVE-2026-7598	1 May 202621:30	–	cve

OS	OS Version	Architecture	Package	Package Version	Filename
Centos	6	i686	libssh2	1.4.2	libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els4.src.rpm
Centos	6	x86_64	libssh2	1.4.2	libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els4.src.rpm
Centos	6	i686	libssh2-devel	1.4.2	libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els4.src.rpm
Centos	6	x86_64	libssh2-devel	1.4.2	libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els4.src.rpm
Centos	6	x86_64	libssh2-docs	1.4.2	libssh2-1.4.2-3.0.1.el6_10.1.tuxcare.els4.src.rpm

14 May 2026 19:22Current

7.2High risk

Vulners AI Score7.2

CVSS 46.9

CVSS 3.17.3

CVSS 27.5

CVSS 37.3

EPSS0.00075

SSVC

libssh2 username length bound password length bound overflow prevention unix platform