All 4 CVE vulnerabilities found in russh, with AI-generated Chinese analysis, references, and POCs.
Vendor: warp-tech
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-42189 | Russh: Pre-auth DoS via unbounded allocation in keyboard-interactive auth CWE-770 | 7.5 | High | 2026-05-08 |
| CVE-2025-54804 | Russh is missing an overflow check during channel windows adjust CWE-190 | 6.5 | Medium | 2025-08-05 |
| CVE-2024-43410 | Russh has an OOM Denial of Service due to allocation of untrusted amount CWE-770 | 7.5 | High | 2024-08-21 |
| CVE-2023-28113 | russh may use insecure Diffie-Hellman keys CWE-20 | 5.9 | Medium | 2023-03-16 |
All 4 known CVE vulnerabilities affecting russh with full Chinese analysis, references, and POCs where available.