| CVE-2026-46673 |
high |
— |
8.0 |
|
|
|
13d ago |
Unbounded 32-bit allocation |
| CVE-2026-42189 |
high |
7.5 |
7.5 |
|
|
|
26d ago |
russh has pre-auth DoS via unbounded allocation in its keyboard-interactive auth handler |
| CVE-2023-48795 |
medium |
5.9 |
5.9 |
|
|
|
3y ago |
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from… |
| CVE-2026-46705 |
unknown |
— |
— |
|
|
|
5d ago |
russh server userauth state is not reset when authentication principal changes |
| CVE-2026-46702 |
unknown |
— |
— |
|
|
|
5d ago |
russh: Post-decompression SSH packet size was not bounded, allowing remote oversized compressed packets |
| CVE-2025-54804 |
unknown |
— |
— |
|
|
|
10mo ago |
russh is missing overflow checks during channel windows adjust |
| CVE-2024-43410 |
unknown |
— |
— |
|
|
|
2y ago |
Russh has an OOM Denial of Service due to allocation of untrusted amount |
| CVE-2023-28113 |
unknown |
— |
— |
|
|
|
3y ago |
russh may use insecure Diffie-Hellman keys |
