CVE-2026-7598

ADVISORY - nist

Summary

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.

EPSS Score⁠: 0.00069 (0.214)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-189⁠

Numeric Errors

CWE-190⁠

Integer Overflow or Wraparound

Impacted images

Advisories

NIST

CREATED

1 month ago

UPDATED

26 days ago

ADVISORY IDCVE-2026-7598⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-189⁠CWE-190⁠

CVSS SCORE

6.9medium

Alpine

CREATED

24 days ago

UPDATED

1 day ago

ADVISORY IDCVE-2026-7598⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

1 month ago

UPDATED

10 days ago

ADVISORY IDCVE-2026-7598⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

27 days ago

UPDATED

6 days ago

ADVISORY IDCVE-2026-7598⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium

Chainguard

CREATED

24 days ago

UPDATED

24 days ago

ADVISORY ID

CGA-cmxv-rj43-xx86

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

minimos

CREATED

18 days ago

UPDATED

18 days ago

ADVISORY ID

MINI-x2fh-58wp-gxgc

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY