CVE-2026-48110
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk19th percentile - higher than 19% of all known CVEs
Summary
Russh is a Rust SSH client and server library that had an issue in versions from 0.34.0 to before 0.61.0 with decoding attacker-controlled SSH strings. An attacker could send malicious data, leading to improper memory allocation.
Risk Assessment
An attacker could exploit this vulnerability to cause buffer overflows or other memory issues, potentially leading to service crashes or execution of malicious code.
Recommendation
It is recommended to update the russh library to version 0.61.0 or later to mitigate this vulnerability.
Original NVD description (English source)
Russh is a Rust SSH client & server library. From version 0.34.0 to before version 0.61.0, several russh client and server message handlers decoded attacker-controlled SSH strings, name-lists, and byte fields into owned allocations before applying field-specific bounds. A remote SSH peer could send oversized, high-fanout, or malformed length-prefixed fields and make the library allocate, attempt to allocate, or split data before rejecting input that should have been rejected earlier. This issue has been patched in version 0.61.0.

