{"id":"JLSEC-2026-660","summary":"libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service...","details":"libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSH_MSG_EXT_INFO handler in src/packet.c that allows a malicious SSH server to cause a client CPU exhaustion loop by sending a crafted extension count value. A malicious server can set nr_extensions to 0xFFFFFFFF during key exchange, causing the client to spin in a tight CPU loop for over 60 seconds because return values from _libssh2_get_string() are unchecked and the session timeout does not apply to CPU-bound loops.","modified":"2026-07-10T14:04:59.678707834Z","published":"2026-07-10T13:57:40.607Z","upstream":["CVE-2026-55199","EUVD-2026-37782","GHSA-3cfq-4xx4-rmpg"],"database_specific":{"license":"CC-BY-4.0","sources":[{"published":"2026-06-17T20:17:28.520Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2026-55199","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-55199","database_specific":{"status":"Analyzed"},"id":"CVE-2026-55199","imported":"2026-07-09T16:14:55.269Z","modified":"2026-06-26T19:16:37.353Z"},{"url":"https://api.github.com/advisories/GHSA-3cfq-4xx4-rmpg","html_url":"https://github.com/advisories/GHSA-3cfq-4xx4-rmpg","id":"GHSA-3cfq-4xx4-rmpg","imported":"2026-07-09T16:15:01.193Z","modified":"2026-06-17T21:34:45Z","published":"2026-06-17T21:34:39Z"},{"id":"EUVD-2026-37782","imported":"2026-07-09T16:14:57.240Z","modified":"2026-06-18T15:31:59Z","published":"2026-06-17T18:44:18Z","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2026-37782","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-37782"}]},"references":[{"type":"WEB","url":"https://github.com/advisories/GHSA-3cfq-4xx4-rmpg"},{"type":"WEB","url":"https://github.com/libssh2/libssh2/commit/17626857d20b3c9a1addfa45979dadcee1cd84a4"},{"type":"WEB","url":"https://github.com/libssh2/libssh2/pull/1864"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-55199"},{"type":"WEB","url":"https://www.vulncheck.com/advisories/libssh2-pre-authentication-dos-via-ssh-msg-ext-info-handler"}],"affected":[{"package":{"name":"LibSSH2_jll","ecosystem":"Julia","purl":"pkg:julia/LibSSH2_jll?uuid=29816b5a-b9ab-546f-933c-edad1886dfa8"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.11.102+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-660.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]}