93 matches found
ROOT-OS-DEBIAN-12-CVE-2026-7598 CVE-2026-7598 in rootio-libssh2 - Patched by Root
Root has patched CVE-2026-7598 in the rootio-libssh2 package for Root:Debian:12. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-7598 CVE-2026-7598 in rootio-libssh2 - Patched by Root
Root has patched CVE-2026-7598 in the rootio-libssh2 package for Root:Debian:11. Multiple fixed versions available...
Photon OS 5.0: Libssh2 PHSA-2026-5.0-0857
An update of the libssh2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0857. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CLEANSTART-2026-EA72772 Security fixes for CVE-2024-7598, CVE-2025-13281, CVE-2025-1767, CVE-2025-47911, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61731, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, ghsa-4x4m-3c2p-qppc, ghsa-r6j8-c6r2-37rr applied in versions: 2.12.6-r0, 2.12.6-r1
Multiple security vulnerabilities affect the ip-masq-agent package. These issues are resolved in later releases. See references for individual vulnerability details...
CVE-2026-7598 vulnerabilities
Vulnerabilities for packages: libssh2...
Medium: libssh2
Issue Overview: A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name ...
Amazon Linux 2 : libssh2, --advisory ALAS2-2026-3329 (ALAS-2026-3329)
The version of libssh2 installed on the remote host is prior to 1.4.3-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3329 advisory. A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the...
Amazon Linux 2023 : libssh2, libssh2-devel (ALAS2023-2026-1779)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1779 advisory. A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument...
CLSA-2026-1779216196 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: fix integer overflow in userauthpassword CVE-2026-7598...
CLSA-2026-1778895374 Fix CVE(s): CVE-2026-7598
SECURITY UPDATE: Fix integer overflow in userauthpassword usernamelen/passwordlen bounds checks - debian/patches/CVE-2026-7598.patch: Fix integer overflow in userauthpassword usernamelen/passwordlen bounds checks - CVE-2026-7598...
CLSA-2026-1778745959 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
CLSA-2026-1778247114 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: fix integer overflow in userauthpassword CVE-2026-7598...
CVE-2026-7598
creationtimestamp| type| source ---|---|--- 2026-05-06 17:01:17+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3ml76ieixcb2n 2026-05-28 19:39:05+00:00| seen| https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mmwrkm742c2b 2026-05-28 19:39:06+00:00| seen|...
UBUNTU-CVE-2026-7598
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
CVE-2026-7598 libssh2 userauth.c userauth_password integer overflow
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
CVE-2026-7598
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
CVE-2026-7598
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
CLEANSTART-2026-TO88856 Security fixes for CVE-2023-7256, CVE-2024-7598, CVE-2024-8006, CVE-2025-1767, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-67499, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 3.31.2-r0, 3.31.2-r1, 3.31.2-r2
Multiple security vulnerabilities affect the calico-fips package. These issues are resolved in later releases. See references for individual vulnerability details...
MiracleLinux 7 : rh-nodejs12-nodejs-12.18.2-1.el7 (AXSA:2020-219:03)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-219:03 advisory. ICU: Integer overflow in UnicodeString::doAppend CVE-2020-10531 nghttp2: overly large SETTINGS frames can lead to DoS CVE-2020-11080 nodejs-minimist:...
RockyLinux 9 : .NET 8.0 (RLSA-2025:7598)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:7598 advisory. dotnet: .NET and Visual Studio Spoofing Vulnerability CVE-2025-26646 Tenable has extracted the preceding description block directly from the RockyLinux security...