CVE Catalog

CVE-2026-46673

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.04%

12th percentile - higher than 12% of all known CVEs

Summary

Russh is a Rust SSH client & server library. In versions prior to 0.60.3, there were issues with unchecked capacity growth in CryptoVec and unsafe allocation/locking paths, which could allow an attacker to introduce invalid frame lengths.

Risk Assessment

Organizations using russh versions before 0.60.3 are at risk of attacks that could lead to unauthorized access or data leakage through frame length manipulation.

Recommendation

It is recommended to upgrade to version 0.60.3 or later to mitigate this vulnerability.

Original NVD description (English source)

Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth before validation. In older russh releases before 0.58.0, remote SSH traffic also reached CryptoVec through transport and compression buffers. This issue has been patched in version 0.60.3.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS