🔴 Critical | Source: The Hacker News
A public proof-of-concept exploit has been released for CVE-2026-55200, a critical vulnerability in libssh2, a widely used open-source library that allows applications to connect to SSH servers. A malicious or compromised SSH server can use this flaw to corrupt memory on any client using the library, potentially executing arbitrary code — without requiring any credentials or user interaction. All versions of libssh2 up to and including 1.11.1 are affected, making the blast radius extremely broad given the library’s prevalence across cloud tooling, CI/CD pipelines, and infrastructure automation.
Security Architect’s Take: Audit your estate immediately for any software, container images, or managed services that bundle libssh2 (including Ansible, libgit2-based tooling, and custom SSH clients) and prioritise patching to a fixed release; additionally, review whether any of your workloads connect to SSH endpoints outside your direct control, as a supply-chain compromise of a third-party SSH server could pivot directly into your build or deployment infrastructure.
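One way to start that audit, as an added example that is not code from the advisory or from the libssh2 project: a Python helper that flags installed libssh2 packages at or below 1.11.1 in `dpkg -l` output and lists libssh2 shared objects mapped into a running process via `/proc/<pid>/maps`. The sample inputs below are constructed, and the threshold comes only from the advisory's "up to and including 1.11.1" statement.

```python
"""Flag libssh2 installs in the range the CVE-2026-55200 advisory calls affected.

Added example (not from The Hacker News or the libssh2 project). The only
vulnerability fact used is the advisory's "all versions up to and including
1.11.1 are affected"; patch to whatever fixed release the project ships.
"""
import re

LAST_AFFECTED = (1, 11, 1)  # from the advisory: <= 1.11.1 is affected


def parse_version(text: str) -> tuple:
    """Turn '1.11.1', '1.11.0-1ubuntu2' or 'libssh2-1.10.0' into an int tuple."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(x) for x in m.groups(default="0"))


def is_affected(version: str) -> bool:
    """True when the release number is at or below the advisory's 1.11.1 cutoff."""
    return parse_version(version) <= LAST_AFFECTED


# Constructed sample of `dpkg -l` output: one affected libssh2 package plus
# two unrelated libraries that must not be flagged.
DPKG_SAMPLE = """\
ii  libssh2-1:amd64   1.11.0-1   amd64   SSH2 client-side library
ii  libgit2-1.7:amd64 1.7.2-1    amd64   low-level Git library
ii  libcurl4:amd64    8.5.0-2    amd64   easy-to-use client-side URL transfer library
"""


def find_affected_packages(dpkg_output: str) -> list:
    """Return (package, version) pairs for installed libssh2 packages <= 1.11.1."""
    hits = []
    for line in dpkg_output.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "ii" and "libssh2" in parts[1]:
            if is_affected(parts[2]):
                hits.append((parts[1], parts[2]))
    return hits


# Constructed /proc/<pid>/maps excerpt. Note the filename carries the SONAME
# (libssh2.so.1.0.1), not the release version, so a mapped path only tells you
# *that* a process uses libssh2; resolve the version via the package manager.
MAPS_SAMPLE = """\
7f3a1c000000-7f3a1c020000 r--p 00000000 08:01 1234 /usr/lib/x86_64-linux-gnu/libssh2.so.1.0.1
7f3a1c020000-7f3a1c040000 r-xp 00020000 08:01 1234 /usr/lib/x86_64-linux-gnu/libssh2.so.1.0.1
7f3a1d000000-7f3a1d100000 r--p 00000000 08:01 5678 /usr/lib/x86_64-linux-gnu/libgit2.so.1.7
"""


def find_loaded_libssh2(maps_text: str) -> set:
    """Return the distinct libssh2 object paths mapped into a process."""
    return {line.split()[-1] for line in maps_text.splitlines()
            if "libssh2" in line and line.split()[-1].startswith("/")}
```

Feed real `dpkg -l` (or an equivalent `rpm -qa` listing after adjusting the parser) and each `/proc/<pid>/maps` of your SSH-using daemons into these functions; a hit in the second set with no package-manager record usually means a vendored or statically linked copy that the first check cannot see.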
Original advisory: Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw