Lucene search
K

908 matches found

Fedora
Fedora
added 2 days ago6 views

[SECURITY] Fedora 43 Update: libssh2-1.11.1-9.fc43

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

9.2CVSS7.1AI score0.00732EPSS
Exploits11
OSV
OSV
added 2026/07/03 10:19 a.m.4 views

ROOT-OS-DEBIAN-13-CVE-2026-58050 CVE-2026-58050 in rootio-libssh2 - Patched by Root

Root has patched CVE-2026-58050 in the rootio-libssh2 package for Root:Debian:13. Multiple fixed versions available...

8.3CVSS7AI score0.00333EPSS
Exploits0
OSV
OSV
added 2026/07/03 9:56 a.m.3 views

ROOT-OS-DEBIAN-12-CVE-2026-55200 CVE-2026-55200 in rootio-libssh2 - Patched by Root

Root has patched CVE-2026-55200 in the rootio-libssh2 package for Root:Debian:12. Multiple fixed versions available...

9.2CVSS7.3AI score0.00732EPSS
Exploits11
Ubuntu
Ubuntu
added 2026/06/30 12:41 p.m.11 views

USN-8486-1: libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftpsymlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. CVE-2025-15661 It was discovered that libssh2 had a pre-authentication...

9.2CVSS7.6AI score0.00732EPSS
Exploits11
OSV
OSV
added 2026/06/30 12:41 p.m.4 views

USN-8486-1 libssh2 vulnerabilities

It was discovered that libssh2 incorrectly handled the sftpsymlink function. A malicious SSH server or machine-in-the-middle attacker could possibly use this issue to obtain sensitive information or cause a denial of service. CVE-2025-15661 It was discovered that libssh2 had a pre-authentication...

9.2CVSS7.6AI score0.00732EPSS
Exploits11References4
Tenable Nessus
Tenable Nessus
added 2026/06/30 12:0 a.m.12 views

Photon OS 5.0: Libssh2 PHSA-2026-5.0-0900

An update of the libssh2 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0900. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

9.2CVSS7.2AI score0.00732EPSS
Exploits11References2
RedhatCVE
RedhatCVE
added 2026/06/29 2:58 p.m.9 views

CVE-2026-58051

A flaw in libssh2 allows a malicious SSH server to send a malformed public key response, triggering an invalid memory cleanup. This can cause the connecting client application to crash or leak information. Mitigation To mitigate this issue, ensure your applications connect only to trusted and...

8.3CVSS5.8AI score0.0028EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/29 2:41 p.m.11 views

CVE-2026-58050

A flaw in libssh2 allows a malicious SSH server to trigger a memory overflow by sending a manipulated attribute count. This can cause the connecting client to crash or allow unauthorized code execution. Mitigation To mitigate this issue,ensure your applications are running strictly on 64-bit...

8.3CVSS5.9AI score0.00333EPSS
Exploits0References6
Chainguard
Chainguard
added 2026/06/29 2:16 p.m.8 views

CVE-2026-55200 vulnerabilities

Vulnerabilities for packages: libssh2...

9.2CVSS7.3AI score0.00732EPSS
Exploits11
Chainguard
Chainguard
added 2026/06/29 2:16 p.m.8 views

GHSA-R8MH-X5QV-7GG2 vulnerabilities

Vulnerabilities for packages: libssh2...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/06/29 2:16 p.m.9 views

CVE-2026-55200 vulnerabilities

Vulnerabilities for packages: libssh2...

9.2CVSS7.3AI score0.00732EPSS
Exploits11
Wolfi
Wolfi
added 2026/06/29 2:16 p.m.12 views

GHSA-R8MH-X5QV-7GG2 vulnerabilities

Vulnerabilities for packages: libssh2...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/29 7:6 a.m.20 views

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug affects every release up to and includin...

9.8CVSS7.8AI score0.00732EPSS
Exploits11
Fedora
Fedora
added 2026/06/29 12:58 a.m.4 views

[SECURITY] Fedora 44 Update: libssh2-1.11.1-9.fc44

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

9.2CVSS7.4AI score0.00732EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2026/06/29 12:0 a.m.7 views

Fedora 44 : libssh2 (2026-ca858b3ed8)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ca858b3ed8 advisory. This update addresses a few security issues, one of which could plausibly result in remote code execution. Tenable has extracted the preceding...

9.2CVSS7.6AI score0.00732EPSS
Exploits11References4
NVD
NVD
added 2026/06/28 2:16 a.m.13 views

CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS0.00333EPSS
Exploits0References3
NVD
NVD
added 2026/06/28 2:16 a.m.13 views

CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3CVSS0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/06/28 2:16 a.m.13 views

DEBIAN-CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3CVSS5.8AI score0.0028EPSS
Exploits0References1
OSV
OSV
added 2026/06/28 2:16 a.m.4 views

UBUNTU-CVE-2026-58050

libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...

8.3CVSS6AI score0.00333EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2026/06/28 1:32 a.m.5 views

CVE-2026-58051

libssh2 through 1.11.1 grows its publickey list with SSH2REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2publickeylistfree operating on an uninitialized entry. A malicious SSH server offering the publickey...

8.3CVSS5.8AI score0.0028EPSS
Exploits0
Rows per page
Query Builder