top of page
perceptive_background_267k.jpg

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such mani…

Published:

30 april 2026 om 22:00:00

Alert date:

1 mei 2026 om 23:00:46

Source:

nvd.nist.gov

Click to open the original link from this advisory

Network Infrastructure, Supply Chain & Dependencies

A security vulnerability has been identified in libssh2 versions up to 1.11.1. The vulnerability exists in the userauth_password function within the src/userauth.c file. Attackers can manipulate the username_len and password_len arguments to cause an integer overflow condition. This vulnerability can be exploited remotely, making it particularly concerning. A patch has been developed and is available with the commit hash 256d04b60d80bf1190e96b0ad1e91b2174d744b1. Organizations using affected versions of libssh2 should apply the patch immediately to remediate this security issue.

Technical details

Mitigation steps:

Affected products:

libssh2

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7598
https://github.com/libssh2/libssh2/
https://github.com/libssh2/libssh2/commit/256d04b60d80bf1190e96b0ad1e91b2174d744b1
https://github.com/libssh2/libssh2/pull/1858
https://vuldb.com/submit/805564
https://vuldb.com/vuln/360555
https://vuldb.com/vuln/360555/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page