CVE-2025-15661 | libssh2 up to 1.11.1 SSH src/sftp.c sftp_symlink link_len out-of-bounds

A vulnerability, which was classified as critical, was found in libssh2 up to 1.11.1. This vulnerability affects the function sftp_symlink of the file src/sftp.c of the component SSH Handler. The manipulation of the argument link_len results in out-of-bounds read.

This vulnerability is identified as CVE-2025-15661. The attack can be executed remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More