New SSH Integer Overflow Vulnerability (CVE-2026-58050) Disclosed in libssh2
A problematic integer overflow vulnerability (CVE-2026-58050) has been discovered in libssh2 up to version 1.11.1. A malicious SSH server could exploit this flaw by sending a specially crafted publickey-subsystem response, leading to a heap buffer overflow in connecting libssh2 clients and potentially impacting confidentiality, integrity, and availability.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.