EXECUTIVE SUMMARY:
CVE-2026-58050 with a CVSS score of 8.3 is a integer overflow vulnerability affecting the libssh2 framework in versions up to. The flaw resides in the publickey subsystem parser where the library reads a 32-bit attribute count and multiplies it by a struct size for buffer allocation, causing an integer overflow on 32-bit platforms that results in insufficient memory allocation and subsequent heap corruption. An attacker can exploit this issue by acting as a malicious SSH server or via a man-in-the-middle position, requiring the targeted client to initiate a connection to the hostile endpoint. Successful exploitation allows the attacker to corrupt the heap, potentially leading to arbitrary code execution on the victims client system, as demonstrated by public proof-of-concept code on Windows builds. Given that libssh2 powers numerous file transfer clients, automation frameworks, and embedded devices, this vulnerability poses severe risks to operational security and data integrity across a wide range of software ecosystems. Exploitation is specifically effective against 32-bit platforms and requires high attack complexity due to the challenges of achieving reliable code execution, though the availability of exploit code significantly lowers the barrier for attackers.[/subscribe_to_unlock_form]
EXECUTIVE SUMMARY:
CVE-2026-58050 with a CVSS score of 8.3 is a integer overflow vulnerability affecting the libssh2 framework in versions up to. The flaw resides in the publickey subsystem parser where the library reads a 32-bit attribute count and multiplies it by a struct size for buffer allocation, causing an integer overflow on 32-bit platforms that results in insufficient memory allocation and subsequent heap corruption. An attacker can exploit this issue by acting as a malicious SSH server or via a man-in-the-middle position, requiring the targeted client to initiate a connection to the hostile endpoint. Successful exploitation allows the attacker to corrupt the heap, potentially leading to arbitrary code execution on the victims client system, as demonstrated by public proof-of-concept code on Windows builds. Given that libssh2 powers numerous file transfer clients, automation frameworks, and embedded devices, this vulnerability poses severe risks to operational security and data integrity across a wide range of software ecosystems. Exploitation is specifically effective against 32-bit platforms and requires high attack complexity due to the challenges of achieving reliable code execution, though the availability of exploit code significantly lowers the barrier for attackers.[emaillocker id="1283"]
RECOMMENDATION:
REFERENCES:
The following reports contain further technical details:
https://securityonline.info/libssh2-vulnerability-cve-2026-58050/
[/emaillocker]