A vulnerability has been found in libssh2 up to 1.11.1 and classified as problematic . Affected by this issue is the function _libssh2_get_string of the file src/packet.c of the component SSH_MSG_EXT_INFO Handler . This manipulation causes infinite loop. The identification of this vulnerability is CVE-2026-55199 . It is possible to initiate the attack remotely. There is no exploit available. The affected component should be upgraded.