Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2025-8114

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.

  • Published: Jul 24, 2025
  • Updated: Jul 25, 2025
  • CVE: CVE-2025-8114
  • Severity: Low
  • Exploit:

CVSS v3:

  • Severity: Low
  • Score: 4.7
  • AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs:

Software From Fixed in
libssh / libssh - 0.11.2.x