Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw

/in

A public proof-of-concept is now out for CVE-2026-55200, a critical flaw in libssh2 that lets a malicious or compromised SSH server trigger memory corruption on a connecting client, with possible code execution. No credentials, no user interaction. The bug affects every release up to and including 1.11.1 and carries a CVSS 4.0 score of 9.2.

libssh2 is a client-side SSH library, not a server.

The Hacker News – ​Read More

OpenAI Unveils GPT-5.6 Sol as Its Most Advanced Cybersecurity AIHijacked npm and Go Packages Use VS Code Tasks to Deploy Python InfostealerHijacked npm and Go Packages Use VS Code Tasks to Deploy Python Infostealer