Lucene search
+L

12 matches found

CVE
CVE
added 2026/06/26 7:40 p.m.18 views

CVE-2026-53303

Technical details for CVE-2026-53303 are not publicly provided in the supplied documents; monitoring for updates is advised.

7.1CVSS5.8AI score0.00126EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-55199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that...

8.2CVSS7AI score0.00408EPSS
Exploits1References3
OSV
OSV
added 2026/06/17 8:17 p.m.44 views

DEBIAN-CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

7.5CVSS5.3AI score0.00408EPSS
Exploits1References1
NVD
NVD
added 2026/06/17 8:17 p.m.27 views

CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS0.00408EPSS
Exploits1References3
OSV
OSV
added 2026/06/17 8:17 p.m.5 views

ALPINE-CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

7.5CVSS5.8AI score0.00408EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/17 6:44 p.m.28 views

CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS0.00408EPSS
Exploits1References3
CVE
CVE
added 2026/06/17 6:44 p.m.196 views

CVE-2026-55199

CVE-2026-55199 affects libssh2 up to version 1.11.1. The vulnerability lies in the SSH_MSG_EXT_INFO handler (src/packet.c), where return values from _libssh2_get_string() are unchecked. During key exchange, a malicious SSH server can set nr_extensions to 0xFFFFFFFF, causing the client to spin in ...

8.2CVSS5.3AI score0.00408EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/17 6:44 p.m.12 views

CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS5.3AI score0.00408EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/17 6:44 p.m.13 views

EUVD-2026-37782

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS5.3AI score0.00408EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/06/17 6:44 p.m.11 views

CVE-2026-55199

libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can s...

8.2CVSS5.3AI score0.00408EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.23 views

PT-2026-50527

Name of the Vulnerable Software and Affected Versions libssh2 versions prior to 1.11.1 Description A pre-authentication denial of service issue exists in the SSH MSG EXT INFO handler within src/packet.c. A malicious SSH server can trigger a CPU exhaustion loop on the client by sending a crafted...

9.2CVSS5.9AI score0.00732EPSS
Exploits11References42
OSV
OSV
added 2026/03/19 2:8 p.m.8 views

CLSA-2026-1773929316 Fix CVE(s): CVE-2026-3731

SECURITY UPDATE: remote out-of-bounds read in SFTP extension name handler - debian/patches/CVE-2026-3731.patch: Fix out-of-bound read from sftp extensions; correct index comparison from '' to '=' and prevent access past extension count. - CVE-2026-3731...

7.5CVSS6.1AI score0.00631EPSS
Exploits0References1
Rows per page
Query Builder