CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-58051

mediumCVSS 6.5covered by 2 sourcesfirst seen 2026-06-09
libssh2 through 1.11.1 grows its publickey list with SSH2_REALLOC but does not zero-initialize new entries before parsing populates them, so a parse failure reaching the cleanup path leaves libssh2_publickey_list_free operating on an uninitialized entry. A malicious SSH server offering the publickey subsystem can use a malformed response to make cleanup free an uninitialized, attacker-influenceable attrs pointer in a connecting libssh2 client.

CSIRTS triage

What
This vulnerability is due to a free of uninitialized pointer in publickey list cleanup.
Who is affected
Users of libssh2 are affected by this vulnerability.
Urgency
Remediation is urgent due to its medium severity and potential for exploitation.
Action
Update to the latest version of libssh2.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-58051

Get an email if CVE-2026-58051 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-58051

CVE.org record

Embed the live status

CVE-2026-58051 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-58051 status](https://www.csirts.com/badge/CVE-2026-58051)](https://www.csirts.com/cve/CVE-2026-58051)