libssh2
Security Risk Profile
37
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 20 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from March 13, 2015 to present
20
Total CVEs
12
Critical+High
0
Exploited
1
Unpatched
Threat Assessment
Avg CVSS
8.2
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
1
Critical/High
Risk Level
37/100
low
📈 1 in Last 30 Days
Severity Distribution
Critical
6High
6Medium
4Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
1Age Distribution
Common Weaknesses (CWE)
1
Integer Overflow
7
2
Input Validation
2
3
Race Condition
1
4
Buffer Overflow
1
5
Infoleak
1
Most Affected Products
1. libssh2 libssh221
2. Debian Debian Linux21
3. Fedoraproject Fedora20
4. openSUSE Leap17
5. debian/libssh212
Recent Vulnerabilities
See more →CVE-2026-7598
CVSS 6.9EPSS 0%medium
libssh2 userauth.c userauth_password integer overflow
5/1/2026
https://seclists.org/oss-sec/2025/q3/138
unknown
libssh2 Base64 Encoding Heap Overflow in Known Hosts SHA1 Hash Processing
8/26/2025🔧 No Patch
https://seclists.org/oss-sec/2025/q3/137
unknown
libssh2 Base64 Encoding Heap Overflow in Known Hosts SHA1 Hash Processing
8/26/2025🔧 No Patch
USN-6585-1
unknown
libssh2 vulnerability
1/15/2024🔧 No Patch
https://seclists.org/oss-sec/2023/q4/297
unknown
CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
12/19/2023🔧 No Patch
CVE-2023-48795
CVSS 6.0medium
OpenSSH Terrapin attack (CVE-2023-48795)
12/12/2023
CVE-2020-22218
CVSS 7.5high
8/22/2023
CVE-2019-17498
CVSS 8.1high
10/21/2019
CVE-2019-13115
CVSS 8.1high
7/16/2019🔧 No Patch
CVE-2019-3860
CVSS 9.1critical
3/25/2019
Monitor libssh2 in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.