SECURITYTHE HACKER NEWS
Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw
A public proof-of-concept has been released for CVE-2026-55200, a critical vulnerability in the libssh2 client-side SSH library. The flaw allows a malicious or compromised SSH server to trigger memory corruption and potential code execution on a client without requiring credentials or user interaction, affecting all versions up to 1.11.1 with a CVSS 4.0 score of 9.2.
Related Signal
Adjacent reporting
- New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
- Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication
- DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability
- Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks