Zero Day Monitor (ZDM)
9.2 · CVE-2026-55200 · EXPLOITED · PATCHED
libssh2 · libssh2

libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c

Description

libssh2 through 1.11.1 (fixed in commit 7acf3df) contains an out-of-bounds write vulnerability in ssh2_transport_read(), which fails to enforce an upper bound on the packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve remote code execution.

Affected Products

Vendor | Product | Versions
libssh2 | libssh2 | 0

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor | Product | Source | Confidence
open source | libssh2 | cert_advisory | 90%

References

  • https://github.com/libssh2/libssh2/pull/2052 (issue-tracking)
  • https://github.com/libssh2/libssh2/commit/97acf3dfda80c91c3a8c9f2372546301d4a1a7a8 (patch)
  • https://www.vulncheck.com/advisories/libssh2-out-of-bounds-write-via-unchecked-packet-length-in-transport-c (third-party-advisory)

Related News (8 articles)

Tier E · Lobsters Security · 5h ago
exploitarium: A single archive of public exploit PoCs
→ No new info (linked only)

Tier C · oss-security · 3d ago
Re: libssh2: CVE-2026-55200 (critical), CVE-2025-15661 (high), CVE-2026-55199 (high)
→ No new info (linked only)

Tier C · oss-security · 3d ago
Re: libssh2: CVE-2026-55200 (critical), CVE-2025-15661 (high), CVE-2026-55199 (high)
→ No new info (linked only)

Tier C · oss-security · 4d ago
Re: libssh2: CVE-2026-55200 (critical), CVE-2025-15661 (high), CVE-2026-55199 (high)
→ No new info (linked only)

Tier C · oss-security · 4d ago
libssh2: CVE-2026-55200 (critical), CVE-2025-15661 (high), CVE-2026-55199 (high)
→ No new info (linked only)

Tier D · Heise Security · 6d ago
Security vulnerabilities endanger connections via libssh2
→ No new info (linked only)

Tier B · BSI Advisories · 9d ago
[NEW] [high] libssh2: Multiple vulnerabilities
→ No new info (linked only)

Tier C · VulDB · 10d ago
CVE-2026-55200 | libssh2 up to 1.11.1 SSH ssh2_transport_read integer overflow (7acf3dfda80c91c3a8c9f2372546301d4a1a7a8)
→ No new info (linked only)

CVSS 3.1: 9.2 NONE
CISA KEV: No
Actively exploited: Yes
Patch available: 7acf3dfda80c91c3a8c9f2372546301d4a1a7a8
CWE: CWE-680
Published: Jun 17, 2026
Last enriched: 3d ago (v6)
Tags: Denial of Service, Remote Code Execution, CVE-2026-55200, CVE-2025-15661, CVE-2026-55199
Trending Score: 75
Source articles: 8
Independent: 5
Info Completeness: 11/14
Missing: epss, kev, mitre_attack

Related CVEs (3)

CRITICAL · CVE-2026-55199 · EXP
libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler
Trending: 43

CRITICAL · CVE-2025-15661 · EXP
libssh2 - Heap Buffer Over-read via sftp_symlink() in sftp.c
Trending: 41

NONE · CVE-2026-7598 · EXP
libssh2 userauth.c userauth_password integer overflow

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

Jun 17, 2026: CVE Published
Jun 17, 2026: Discovered by ZDM
Jun 17, 2026: Updated: description, severity, activelyExploited
Jun 18, 2026: Updated: severity, exploitAvailable, tags
Jun 21, 2026: Updated: affectedVersions, cweIds, tags
Jun 23, 2026: Updated: severity, cvssEstimate
Jun 24, 2026: Updated: severity, iocs, tags
Jun 25, 2026: Actively Exploited
Jun 25, 2026: Exploit Available
Jun 25, 2026: Patch Available

Version History

Current: v6, last enriched 3d ago

v6 · Tier C · 3d ago · via oss-security
Updated severity to CRITICAL, marked patch as null, added new IOC URL, and included new CVE tags.
Fields: severity, iocs, tags

v5 · Tier C · 4d ago · via oss-security
Updated severity to CRITICAL and CVSS score to 9.2.
Fields: severity, cvssEstimate

v4 · Tier D · 6d ago · via Heise Security
Updated severity to HIGH, added affected version 1.11.1, and provided new patch version 1.11.1-3 along with additional CWE and tags.
Fields: affectedVersions, cweIds, tags

v3 · Tier B · 9d ago · via BSI Advisories
Updated severity to HIGH, marked exploit as available, and added Denial of Service tag.
Fields: severity, exploitAvailable, tags

v2 · Tier C · 10d ago · via VulDB
Updated severity to CRITICAL, changed exploit availability to false, and added a more detailed description of the vulnerability.
Fields: description, severity, activelyExploited

v1 · 10d ago
Initial creation