VYPR
High severity7.3NVD Advisory· Published May 1, 2026· Updated May 7, 2026

CVE-2026-7598

CVE-2026-7598

Description

A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/password_len leads to integer overflow. The attack may be launched remotely. The name of the patch is 256d04b60d80bf1190e96b0ad1e91b2174d744b1. A patch should be applied to remediate this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6

Patches

Vulnerability mechanics

References

5

News mentions

1