Critical libssh2 Vulnerability (CVE-2026-55200) Enables Remote Code Execution A severe security flaw in libssh2, a widely deployed client-side SSH library, has been disclosed, allowing remote attackers to execute arbitrary code via maliciously crafted SSH packets. The vulnerability, tracked as CVE-2026-55200, carries a CVSS score of 9.2, reflecting its high severity and ease of exploitation. The issue stems from an integer overflow leading to a buffer overflow (CWE-680) in the `ssh2_transport_read()` function within `transport.c`. The flaw occurs due to insufficient validation of the `packet_length` field, enabling attackers to send oversized packets that trigger out-of-bounds memory writes. Successful exploitation results in heap corruption, allowing adversaries to overwrite adjacent memory and achieve arbitrary code execution all without requiring authentication. The vulnerability affects libssh2 versions up to and including 1.11.1 and was patched in commit 7acf3df following responsible disclosure by security researcher Tristan Madani. The CVSS v4 vector highlights low attack complexity and no user interaction, making it particularly dangerous in automated systems, embedded devices, and backend infrastructures where libssh2 is integrated. Given its broad adoption including in file transfer tools, automation frameworks, and custom SSH clients the flaw poses a significant risk, especially in enterprise environments where the library may be statically linked and difficult to detect. Organizations may unknowingly run vulnerable instances, even if their primary systems appear updated. The maintainers have released a patch that enforces strict bounds checking on `packet_length` before memory allocation. Until updates are applied, mitigation measures include restricting SSH access to trusted hosts, network-level filtering, and monitoring for anomalous SSH traffic such as unusually large packets or application crashes tied to libssh2. This incident underscores the persistent risks of memory safety vulnerabilities in widely used libraries and the critical need for robust input validation in network protocol implementations.