CyberSec.Space Logo
Back to CVE Browser

CVE-2026-0966

HIGH
8.2
CVSS Severity Score
EPSS Score0.1230%
EPSS Percentile34.66th
PublishedMar 26, 2026
Last ModifiedMay 19, 2026

Vulnerability Description

A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_PACKET (3)` or higher. Successful exploitation could lead to a self-Denial of Service of the per-connection daemon process.

Affected Platforms (CPE)

πŸ“¦
Libssh

Libssh

< 0.11.4
πŸ“¦
Redhat

Hardened Images

All versions
πŸ“¦
Redhat

Openshift Container Platform

= 4.0
πŸ’»
Redhat

Enterprise Linux

= 8.0
πŸ’»
Redhat

Enterprise Linux

= 9.0
πŸ’»
Redhat

Enterprise Linux

= 10.0

References & Advisories

πŸ”— https://access.redhat.com/errata/RHSA-2026:18160
πŸ”— https://access.redhat.com/errata/RHSA-2026:18683
πŸ”— https://access.redhat.com/errata/RHSA-2026:7067
πŸ”— https://access.redhat.com/security/cve/CVE-2026-0966
πŸ”— https://bugzilla.redhat.com/show_bug.cgi?id=2433121
πŸ”— https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/

Related Vulnerabilities

CVE-2018-109339.1

A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create c...

CVE-2019-148898.8

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client ...

CVE-2012-45607.5

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute a...

CVE-2012-45627.5

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and...