Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw Swati KhandelwalJun 29, 2026Vulnerability / Open Source A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug affects every release up to and including 1.11.1 and carries a CVSS 4.0 score of 9.2. libssh2 is a client-side SSH library, not a server. That distinction matters. It is embedded in curl, Git, PHP, backup agents, firmware updaters, and a long tail of appliances. Anything that links it and reaches out to an untrusted SSH endpoint is a potential target. Many of those copies are statically linked, so a distro package update will not touch them, and you may not know they are there. How the bug works The flaw lives in ssh2_transport_read() in transport.c, the function that parses incoming SSH packets during the handshake. It read the attacker-controlled packet_length field and rejected only values below 1. It never enforced an upper bound. The size calculation adds packet_length to a couple of small values using 32-bit arithmetic, so a length of 0xffffffff wraps around to a tiny number. libssh2 then allocates a buffer sized for the tiny number, while later code writes the full, oversized packet into it. The result is an out-of-bounds heap write, classed as CWE-680, integer overflow to buffer overflow, a classic primitive for code execution. The fix adds the missing check, rejecting any packet_length above LIBSSH2_PACKET_MAXPAYLOAD before the math runs. libssh2 has tripped over this before. In 2019, it shipped version 1.8.1 to fix a batch of nine flaws led by CVE-2019-3855, a near-identical integer overflow in its transport read that also let a malicious server run code on a connecting client. Seven years later, the same class of bug is back in the same code. Security researcher Tristan Madani reported the issue. Maintainers merged the patch through pull request #2052 on June 12. VulnCheck published the CVE on June 17. A public proof-of-concept has been published in "exploitarium," a GitHub archive of exploit code whose author says entries were posted without prior reporting. The archive contains a locally verified SSH trigger scaffold and a controlled local RCE harness for the libssh2 bug, not a turnkey remote exploit. Reliable code execution against a live application would still depend on the target binary, allocator behavior, mitigations, and how the software embeds libssh2. The context is worth weighing. The author concedes the archive went out incomplete, with some entries weak and AI driving the fuzzing. As of now, CISA's exploitation rating for the CVE still reads none, and no in-the-wild use has been reported. What to do There is no fixed libssh2 release yet. The patch sits in the mainline source, and a tagged release is still being prepared, so Linux distributions and downstream projects are backporting it themselves; Debian, for one, already has a repaired build in testing. NHS England Digital has issued an advisory urging affected organizations to update. Inventory everything that links libssh2, including static or bundled copies that package managers will not flag. curl, Git, and PHP deployments are common carriers. Apply a build that includes commit 97acf3d, whether a distro backport or a patched source build, and watch your vendor's advisory channel for release status. Until patched, restrict outbound SSH connections to trusted servers and verify host keys. Give priority to clients that reach external SSH servers or resolve hosts through names that an attacker could redirect. Watch for oversized-packet anomalies and unexplained client crashes. Patch the rest of the batch too: CVE-2026-55199 (CVSS 8.2), a denial of service that traps a connecting client in a CPU loop via a bogus extension count, and CVE-2025-15661 (CVSS 8.3), an SFTP heap over-read. The core issue is a pre-auth memory-corruption bug in code that ships inside more clients and appliances than anyone has fully mapped. The open questions are how fast someone turns the local harness into a dependable remote exploit, and how many bundled copies stay vulnerable because no one remembers they shipped libssh2 inside. Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  libssh2, Open Source, remote code execution, SSH, Vulnerability ⚡ Top Stories This Week Amadey and StealC Malware Network Disrupted, 27M Stolen Credentials Recovered New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes Google Sets Sept. 30 Deadline for Android Developer Verification in Four Countries 29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access Fake AI Agent Skill Passed Security Scans and Reportedly Reached 26,000 Agents Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution FortiBleed Targeted FortiGate Firewalls in 110 Million-Credential Harvesting Operation AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution ⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More WhatsApp VBScript Campaign Uses Fake Documents to Install ManageEngine RMM Tool Load More ▼ ⭐ Featured Resources Have You Outgrown Your MDR? 7 Warning Signs Every CISO Should Check Get the 2026 Guide to Govern and Secure Enterprise AI Agents at Scale [Watch Demo] See Which Security Gaps Attackers Could Exploit First AI Can’t Stop Every Attack. Learn How Zero Trust Can Block What’s Unknown