Zero Day Monitor (ZDM) © 2026
CVE-2026-7598 · CVSS 7.3 · EXPLOITED · PATCHED
Vendor: libssh2 · Product: libssh2

libssh2 userauth.c userauth_password integer overflow

Description

A security vulnerability has been detected in libssh2 up to version 1.11.1. The affected component is the function userauth_password in the file src/userauth.c. Manipulation of the arguments username_len/password_len leads to an integer overflow. The attack can be launched remotely. The fix is commit 256d04b60d80bf1190e96b0ad1e91b2174d744b1; applying the patch remediates the issue.

Affected Products

Vendor: libssh2 · Product: libssh2 · Versions: 1.11.0, 1.11.1

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor: open source · Product: open source libssh2 · Source: cert_advisory · Confidence: 90%

References

  • https://vuldb.com/vuln/360555 (vdb-entry, technical-description)
  • https://vuldb.com/vuln/360555/cti (signature, permissions-required)
  • https://vuldb.com/submit/805564 (third-party-advisory)
  • https://github.com/libssh2/libssh2/pull/1858 (issue-tracking, patch)
  • https://github.com/libssh2/libssh2/commit/256d04b60d80bf1190e96b0ad1e91b2174d744b1 (patch)
  • https://github.com/libssh2/libssh2/ (product)

Related News (3 articles)

  • Tier B · BSI Advisories · 54d ago
    [NEW] [medium] libssh2: Vulnerability allows denial of service
    → No new info (linked only)
  • Tier A · Microsoft MSRC · 55d ago
    CVE-2026-7598 libssh2 userauth.c userauth_password integer overflow
    → No new info (linked only)
  • Tier C · VulDB · 57d ago
    CVE-2026-7598 | libssh2 up to 1.11.1 src/userauth.c userauth_password username_len/password_len integer overflow (ID 1858)
    → No new info (linked only)
CVSS 3.1: 7.3 NONE
CISA KEV: No
Actively exploited: Yes
Patch available:
  • https://github.com/libssh2/libssh2/pull/1858
  • https://github.com/libssh2/libssh2/commit/256d04b60d80bf1190e96b0ad1e91b2174d744b1
CWE: CWE-190, CWE-189
Published: May 1, 2026
Last enriched: 54d ago (v2)
Trending Score: 0
Source articles: 3
Independent: 3
Info Completeness: 9/14
Missing: vendor, epss, kev, iocs, mitre_attack

Related CVEs (5)

  • [NONE] CVE-2026-55200 [EXP] · libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c · Trending: 73
  • [CRITICAL] CVE-2026-55199 [EXP] · libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler · Trending: 42
  • [CRITICAL] CVE-2025-15661 [EXP] · libssh2 - Heap Buffer Over-read via sftp_symlink() in sftp.c · Trending: 40
  • [MEDIUM] CVE-2026-58051 · libssh2 - Free of Uninitialized Pointer in publickey List Cleanup
  • [HIGH] CVE-2026-58050 · libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

  • CVE Published: May 1, 2026
  • Discovered by ZDM: May 1, 2026
  • Updated (description, exploitAvailable, activelyExploited): May 4, 2026
  • Actively Exploited: May 4, 2026
  • Exploit Available: May 4, 2026
  • Patch Available: May 4, 2026

Version History

v2 · Tier B · 54d ago (last enriched)

Updated description to include Denial of Service attack capability and marked the vulnerability as actively exploited.

Changed fields: description, exploitAvailable, activelyExploited
via BSI Advisories

v1 · 57d ago

Initial creation