CVE-2026-7598 | libssh2 up to 1.11.1 src/userauth.c userauth_password username_len/password_len integer overflow (ID 1858)

Inserito da Angelo Barbosa | Mag 1, 2026 | CVE

A vulnerability described as critical has been identified in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow.

This vulnerability is traded as CVE-2026-7598. The attack may be launched remotely. There is no exploit available.

A patch should be applied to remediate this issue.

CVE-2026-7598 | libssh2 up to 1.11.1 src/userauth.c userauth_password username_len/password_len integer overflow (ID 1858)

Post correlati

CVE-2025-5062 | WooCommerce Plugin up to 9.4.2 on WordPress cross site scripting

CVE-2025-20932 | Samsung Notes up to 4.4.21.62 BMP Image Parser out-of-bounds

CVE-2022-49255 | Linux Kernel up to 5.4.188/5.10.109/5.15.32/5.16.18/5.17.1 drop_caches buffer overflow

CVE-2025-66376 | Zimbra Collaboration Suite up to 10.0.17/10.1.12 Classic UI cross site scripting