Vulnerability DatabaseCVE-2026-0966
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2026-0966
March 26, 2026
The API function "ssh_get_hexa()" is vulnerable, when 0-lenght input is provided to this function. This function is used internally in "ssh_get_fingerprint_hash()" and "ssh_print_hexa()" (deprecated), which is vulnerable to the same input (length is provided by the calling application). The function is also used internally in the gssapi code for logging the OIDs received by the server during GSSAPI authentication. This could be triggered remotely, when the server allows GSSAPI authentication and logging verbosity is set at least to SSH_LOG_PACKET (3). This could cause self-DoS of the per-connection daemon process.
Affected Packages
libssh (CONDA):
Affected version(s) >=0.8.7 <0.12.0
Fix Suggestion:
Update to version 0.12.0
libssh (CONDA):
Affected version(s) >=0.8.7 <0.12.0
Fix Suggestion:
Update to version 0.12.0
libssh (CONDA):
Affected version(s) >=0.8.7 <0.12.0
Fix Suggestion:
Update to version 0.12.0
https://git.libssh.org/projects/libssh.git (SCM_GIT):
Affected version(s) >=libssh-0.5.1 <libssh-0.11.4
Fix Suggestion:
Update to version libssh-0.11.4
https://git.libssh.org/projects/libssh.git (SCM_GIT):
Affected version(s) >=libssh-0.5.1 <libssh-0.11.4
Fix Suggestion:
Update to version libssh-0.11.4
https://git.libssh.org/projects/libssh.git (SCM_GIT):
Affected version(s) >=libssh-0.5.1 <libssh-0.11.4
Fix Suggestion:
Update to version libssh-0.11.4
Related ResourcesĀ (3)
https://bugzilla.redhat.com/show_bug.cgi?id=2433121
https://www.libssh.org/2026/02/10/libssh-0-12-0-and-0-11-4-security-releases/
https://access.redhat.com/security/cve/CVE-2026-0966
Do you need more information?
Contact Us
CVSS v4
Base Score:
6.9
Attack Vector
NETWORK
Attack Complexity
LOW
Attack Requirements
NONE
Privileges Required
NONE
User Interaction
NONE
Vulnerable System Confidentiality
NONE
Vulnerable System Integrity
LOW
Vulnerable System Availability
LOW
Subsequent System Confidentiality
NONE
Subsequent System Integrity
NONE
Subsequent System Availability
NONE
CVSS v3
Base Score:
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
LOW
Availability
LOW
Weakness Type (CWE)
Buffer Underwrite ('Buffer Underflow')
CWE-124
EPSS
Base Score:
0.09