‼️🚨 Critical remote code execution in libssh2, the SSH client library embedded in countless tools: CVE-2026-55200, rated CVSS 9.2 by VulnCheck. Every version up to and including 1.11.1 is affected.
It's an out-of-bounds heap write in ssh2_transport_read(), which fails to bound-check the SSH packet_length field. A malicious or MITM'd SSH server can send oversized packets to corrupt memory and run code on the connecting client.
No known exploitation yet and it's not in CISA's KEV. Fix: move to a build that includes commit 7acf3df (PR #2052), and inventory anything that links libssh2 for SSH, SCP, or SFTP.
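The bound check the post describes as missing, shown as an added defensive illustration that is not libssh2's own code: a parser for the SSH binary packet layout (RFC 4253, section 6: uint32 packet_length, byte padding_length, payload, padding) that validates the server-supplied packet_length and padding_length against what the receive buffer can actually hold before any copy takes place. MAX_PACKET_LEN (the 35000-byte minimum RFC 4253 requires implementations to accept), the ssh_packet_t struct, the error codes and the sample packets are all constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* RFC 4253 section 6.1: all implementations must accept packets of at least 35000 bytes.
 * Constructed cap for this example; the point is that some cap exists and is enforced. */
#define MAX_PACKET_LEN 35000u

typedef struct {
    uint8_t  payload[MAX_PACKET_LEN];
    size_t   payload_len;
    uint32_t packet_length;
    uint8_t  padding_length;
} ssh_packet_t;

enum { PKT_OK = 0, PKT_ERR_SHORT = -1, PKT_ERR_TOO_BIG = -2, PKT_ERR_BAD_PADDING = -3 };

static uint32_t read_be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Parse one SSH binary packet from buf into out. Every length that comes from the
 * peer is checked against the buffer we hold and the buffer we copy into. */
int ssh_packet_parse(const uint8_t *buf, size_t buflen, ssh_packet_t *out) {
    if (buflen < 5)                       /* need packet_length + padding_length */
        return PKT_ERR_SHORT;

    uint32_t packet_length = read_be32(buf);

    /* The check the advisory is about: a peer-chosen length must never exceed the
     * destination buffer. Also reject lengths too small to hold the mandatory
     * padding_length byte plus the 4 bytes of padding RFC 4253 requires. */
    if (packet_length < 5 || packet_length > MAX_PACKET_LEN)
        return PKT_ERR_TOO_BIG;

    /* Do not copy until the whole packet has actually arrived. */
    if (buflen < 4 + (size_t)packet_length)
        return PKT_ERR_SHORT;

    uint8_t padding_length = buf[4];
    /* payload_len = packet_length - padding_length - 1 must not underflow. */
    if (padding_length < 4 || (uint32_t)padding_length + 1 > packet_length)
        return PKT_ERR_BAD_PADDING;

    size_t payload_len = packet_length - padding_length - 1;
    memcpy(out->payload, buf + 5, payload_len);   /* bounded: payload_len < MAX_PACKET_LEN */
    out->payload_len    = payload_len;
    out->packet_length  = packet_length;
    out->padding_length = padding_length;
    return PKT_OK;
}

/* Constructed sample packets for demonstration. */
/* packet_length=9, padding_length=4, payload "ABCD", 4 bytes padding */
static const uint8_t sample_valid[]     = {0,0,0,9, 4, 'A','B','C','D', 0,0,0,0};
/* packet_length=0xFFFFFFFF: the oversized case the bound check must refuse */
static const uint8_t sample_oversized[] = {0xFF,0xFF,0xFF,0xFF, 4, 'A','B','C','D', 0,0,0,0};
/* packet_length=100 but only 13 bytes on the wire: must wait, not copy */
static const uint8_t sample_truncated[] = {0,0,0,100, 4, 'A','B','C','D', 0,0,0,0};
/* padding_length larger than packet_length: payload length would underflow */
static const uint8_t sample_badpad[]    = {0,0,0,9, 200, 'A','B','C','D', 0,0,0,0};

int demo_valid(void) {
    ssh_packet_t p;
    int rc = ssh_packet_parse(sample_valid, sizeof sample_valid, &p);
    if (rc != PKT_OK || p.payload_len != 4 || memcmp(p.payload, "ABCD", 4) != 0) return -99;
    return rc;
}
int demo_oversized(void) { ssh_packet_t p; return ssh_packet_parse(sample_oversized, sizeof sample_oversized, &p); }
int demo_truncated(void) { ssh_packet_t p; return ssh_packet_parse(sample_truncated, sizeof sample_truncated, &p); }
int demo_badpad(void)    { ssh_packet_t p; return ssh_packet_parse(sample_badpad,    sizeof sample_badpad,    &p); }

int main(void) {
    printf("valid: %d oversized: %d truncated: %d badpad: %d\n",
           demo_valid(), demo_oversized(), demo_truncated(), demo_badpad());
    return 0;
}
```

The three rejections are the defender's interest here: an oversized length is refused before any write, a short buffer makes the parser wait for more data instead of reading past what it has, and an inconsistent padding_length cannot turn the payload length into a huge unsigned value.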
Every iPhone with an A12 or A13 chip - XS/XR, 11, 2020 SE - has an unpatchable SecureROM exploit. The root bug is in Synopsys’s USB controller, and is exploitable. Requires physical access. Solution: buy a new iPhone. https://t.co/xF1JIJrEke
This C code looks harmless at first glance but mimics one of the most famous & dangerous bugs in OpenSSL.
It's not your typical buffer overflow exploit but much worse in reality.
Can you tell why that is so?