CVE-2026-55199 | libssh2 up to 1.11.1 SSH_MSG_EXT_INFO src/packet.c _libssh2_get_string infinite loop (EUVD-2026-37782 / Nessus ID 321662)
A vulnerability has been found in libssh2 up to 1.11.1 and classified as problematic. Affected by this issue is the function _libssh2_get_string of the file src/packet.c of the component SSH_MSG_EXT_INFO Handler. This manipulation causes infinite loop.
The identification of this vulnerability is CVE-2026-55199. It is possible to initiate the attack remotely. There is no exploit available.
The affected component should be upgraded.