CVE-2026-55199 | libssh2 up to 1.11.1 SSH_MSG_EXT_INFO src/packet.c _libssh2_get_string infinite loop

Inserito da Angelo Barbosa | Giu 17, 2026 | CVE

A vulnerability has been found in libssh2 up to 1.11.1 and classified as problematic. Affected by this issue is the function _libssh2_get_string of the file src/packet.c of the component SSH_MSG_EXT_INFO Handler. This manipulation causes infinite loop.

The identification of this vulnerability is CVE-2026-55199. It is possible to initiate the attack remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-55199 | libssh2 up to 1.11.1 SSH_MSG_EXT_INFO src/packet.c _libssh2_get_string infinite loop

Post correlati

CVE-2024-9978 | OpenHarmony up to 4.1.1 out-of-bounds

CVE-2024-41704 | LibreChat up to 0.7.4-rc1 Image pathname traversal

CVE-2025-41693 | Phoenix Contact K1 up to 3.49 allocation of resources (VDE-2025-071)

CVE-2025-12211 | Tenda O3 1.0.0.10(2478) /goform/setDmzInfo SetValue/GetValue dmzIP stack-based overflow