Critical libssh2 Vulnerability Allows Attackers to Execute Remote Code Via Malicious SSH packets
By Abinaya
June 23, 2026
A critical security vulnerability has been identified in the widely used libssh2 library, allowing remote attackers to execute arbitrary code through specially crafted SSH packets.
The flaw, tracked as CVE-2026-55200, carries a CVSS score of 9.2 and is classified under CWE-680 (Integer Overflow to Buffer Overflow).
Disclosed on June 17, 2026, the vulnerability affects libssh2 versions 1.11.1 and earlier and was fixed in commit 7acf3df, with an official patch available through the project’s GitHub repository.
libssh2 Vulnerability
The flaw resides in the ssh2_transport_read() function, which fails to properly validate the packet_length field of incoming SSH packets.
Because there is no upper-bound check, an attacker can supply an excessively large packet_length value; the length arithmetic then overflows, and the subsequent write runs past the end of the heap buffer.
This memory corruption condition allows attackers to overwrite adjacent memory structures, potentially enabling full remote code execution without authentication.
Because the attack vector is network-based and requires no user interaction, the risk of exploitation is considered high.
Successful exploitation of CVE-2026-55200 can result in remote code execution on affected systems, allowing attackers to take control of vulnerable applications.
According to the VulnCheck advisory, the flaw can cause heap memory corruption, leading to crashes, denial-of-service conditions, and potentially full system compromise on systems using libssh2 for secure communications.
The CVSS v4 vector reflects low attack complexity and high impact across confidentiality, integrity, and availability. Security researcher Tristan Madani responsibly disclosed the vulnerability, enabling a coordinated fix before widespread exploitation. The issue affects all applications and systems using libssh2 versions 1.11.1 and earlier.
Since libssh2 is widely embedded in SSH clients, automation frameworks, and file transfer tools, the exposure extends across enterprise environments, cloud services, and embedded systems.
The issue has been addressed in a patch introduced by commit 97acf3dfda80c91c3a8c9f2372546301d4a1a7a8, which enforces strict validation of packet_length values to prevent integer and buffer overflows.
Organizations are strongly encouraged to upgrade libssh2 to a patched version as soon as possible.
In addition, security teams should review systems for statically linked or bundled versions of libssh2, monitor SSH traffic for anomalies such as unusually large packet sizes, and implement network-level controls if immediate patching is not feasible.
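To make the bug class concrete, the following is an added illustration written for this article; it is not libssh2's code and does not reproduce ssh2_transport_read(). It shows the generic SSH binary-packet header (a big-endian 32-bit packet_length followed by a padding_length byte, as defined in RFC 4253), the unbounded 32-bit length arithmetic that wraps for a huge packet_length (the CWE-680 pattern from the mechanism paragraph above), and a hardened parser that bounds the length before using it. The ceiling of 35000 bytes is an assumed value (the minimum total packet size RFC 4253 requires implementations to accept), not libssh2's own limit; the same check doubles as the "unusually large packet size" test a monitoring tool would apply. The sample packets are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed ceiling for a whole SSH packet (RFC 4253 requires at least 35000 to be
 * accepted). Not libssh2's value; chosen here to bound untrusted lengths. */
#define SSH_MAX_PACKET_LEN 35000u
/* padding_length byte plus the minimum of 4 padding bytes. */
#define SSH_MIN_PACKET_LEN 5u

enum pkt_status {
    PKT_OK = 0,
    PKT_TOO_SHORT = -1,
    PKT_TOO_LONG = -2,
    PKT_BAD_PADDING = -3,
    PKT_TRUNCATED = -4
};

static uint32_t read_u32_be(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Vulnerable pattern (illustration only, nothing is allocated or copied):
 * the buffer size is derived from the untrusted length with 32-bit arithmetic
 * and no upper bound. For packet_length = 0xFFFFFFFE the addition wraps to 2,
 * so a 2-byte buffer would be allocated while later code still trusts the
 * original huge packet_length and writes past the end of it. */
uint32_t vulnerable_alloc_size(uint32_t packet_length)
{
    uint32_t total = packet_length + 4; /* 4-byte length prefix + body: wraps */
    return total;
}

/* Hardened check: bound packet_length before any arithmetic depends on it. */
enum pkt_status validate_packet_length(uint32_t packet_length)
{
    if (packet_length < SSH_MIN_PACKET_LEN)
        return PKT_TOO_SHORT;
    if (packet_length > SSH_MAX_PACKET_LEN)
        return PKT_TOO_LONG;
    return PKT_OK;
}

/* Parse and validate the header of one received packet. After the length is
 * bounded, the total-size computation is done in size_t and cannot wrap. */
enum pkt_status parse_packet_header(const unsigned char *buf, size_t buf_len,
                                    uint32_t *packet_length, uint8_t *padding_length)
{
    if (buf_len < 5)
        return PKT_TRUNCATED; /* a real transport would wait for more bytes */
    uint32_t len = read_u32_be(buf);
    enum pkt_status st = validate_packet_length(len);
    if (st != PKT_OK)
        return st;
    uint8_t pad = buf[4];
    /* RFC 4253: at least 4 padding bytes, and padding must fit in the packet. */
    if (pad < 4 || (uint32_t)pad + 1 > len)
        return PKT_BAD_PADDING;
    size_t total = (size_t)len + 4; /* safe: len <= SSH_MAX_PACKET_LEN */
    if (total > buf_len)
        return PKT_TRUNCATED;
    *packet_length = len;
    *padding_length = pad;
    return PKT_OK;
}

/* Convenience wrapper: status only, for callers that just want a verdict. */
enum pkt_status parse_status(const unsigned char *buf, size_t buf_len)
{
    uint32_t len;
    uint8_t pad;
    return parse_packet_header(buf, buf_len, &len, &pad);
}

/* Constructed samples: a benign 16-byte packet (packet_length 12, padding 4,
 * 7 payload bytes) and one whose packet_length is 0xFFFFFFFE. */
const unsigned char SAMPLE_BENIGN[16] = {
    0x00, 0x00, 0x00, 0x0C, 0x04,
    'p', 'a', 'y', 'l', 'o', 'a', 'd',
    0x00, 0x00, 0x00, 0x00
};
const unsigned char SAMPLE_OVERSIZED[16] = {
    0xFF, 0xFF, 0xFF, 0xFE, 0x04,
    'p', 'a', 'y', 'l', 'o', 'a', 'd',
    0x00, 0x00, 0x00, 0x00
};

int main(void)
{
    printf("wrapped size for 0xFFFFFFFE: %u\n", vulnerable_alloc_size(0xFFFFFFFEu));
    printf("benign packet: %d\n", (int)parse_status(SAMPLE_BENIGN, sizeof SAMPLE_BENIGN));
    printf("oversized packet: %d\n", (int)parse_status(SAMPLE_OVERSIZED, sizeof SAMPLE_OVERSIZED));
    return 0;
}
```

The point of the hardened version is ordering: the bound is applied to the raw 32-bit field before any addition or allocation uses it, so the wrap in vulnerable_alloc_size() can never occur, and a packet that fails the bound is rejected rather than partially processed. Unsigned wrap is well-defined in C, which is exactly why it is silent; no sanitizer or compiler warning flags the vulnerable line.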