CVE-2026-10650 | warmcat libwebsockets up to 4.5.8 SSH Protocol sshd.c lws_ssh_parse_plaintext msg_len resource consumption

Inserito da Angelo Barbosa | Giu 2, 2026 | CVE

A vulnerability was found in warmcat libwebsockets up to 4.5.8. It has been declared as problematic. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption.

The identification of this vulnerability is CVE-2026-10650. The attack may be launched remotely. Furthermore, there is an exploit available.

A patch should be applied to remediate this issue.

CVE-2026-10650 | warmcat libwebsockets up to 4.5.8 SSH Protocol sshd.c lws_ssh_parse_plaintext msg_len resource consumption

Post correlati

CVE-2024-4344 | Shield Security Plugin up to 19.1.13 on WordPress cross-site request forgery

CVE-2023-54138 | Linux Kernel up to 5.15.111/6.1.28/6.2.15/6.3.2 null pointer dereference

CVE-2024-39927 | Ricoh IM C3510 prior 2.00-00 Request out-of-bounds write (ricoh-2024-000008)

CVE-2025-37729 | Elastic Cloud Enterprise up to 3.8.1/4.0.1 Template Engine special elements used in a template engine