CVE-2026-46673
Buffer Overflow in Russh SSH Library

Publication date: 2026-06-10

Last updated on: 2026-06-10

Assigner: GitHub, Inc.

Description
Russh is a Rust SSH client & server library. Prior to version 0.60.3, CryptoVec used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation/locking paths. In current russh releases, local SSH agent peers could still feed attacker-controlled frame lengths into buffer growth before validation. In older russh releases before 0.58.0, remote SSH traffic also reached CryptoVec through transport and compression buffers. This issue has been patched in version 0.60.3.
Meta Information
Published: 2026-06-10
Last Modified: 2026-06-10
Generated: 2026-06-11
AI Q&A: 2026-06-11
EPSS Evaluated: N/A
Affected Vendors & Products
2 associated CPEs
Vendor   Product   Version / Range
russh    russh     up to 0.60.3 (excluding)
russh    russh     up to 0.58.0 (excluding)
CWE
CWE-770: The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated.
Executive Summary

This vulnerability exists in the Russh Rust SSH client and server library prior to version 0.60.3. It involves the CryptoVec component, which used unchecked capacity growth, unchecked length arithmetic, and unsafe allocation and locking paths. This allowed local SSH agent peers to feed attacker-controlled frame lengths into buffer growth before validation, potentially causing unsafe behavior. In older versions before 0.58.0, remote SSH traffic could also reach CryptoVec through transport and compression buffers, increasing the attack surface. The issue was fixed in version 0.60.3.

Impact Analysis

The vulnerability can lead to a high impact on availability (as indicated by the CVSS score), meaning it could cause denial of service or crashes in systems using vulnerable versions of Russh. Since the vulnerability involves unsafe buffer growth and unchecked arithmetic, it could be exploited to disrupt SSH communications or cause the SSH client or server to become unstable or unresponsive.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade the russh library to version 0.60.3 or later, where the issue has been patched.
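The checks the description says were missing (validating a peer-supplied frame length before any buffer growth, checked length arithmetic, and a hard cap on what may be allocated) are shown below as an added Rust example. It is not russh's CryptoVec code and assumes a uint32 big-endian length prefix and a MAX_FRAME_LEN policy value of its own.

```rust
// Added illustration, not russh's CryptoVec: frame-buffer growth is gated on
// checked arithmetic and a size cap before the allocator is ever touched.

/// Largest frame body we are willing to buffer (assumed policy value).
pub const MAX_FRAME_LEN: usize = 256 * 1024;

#[derive(Debug, PartialEq)]
pub enum FrameError {
    NeedMore, // fewer bytes than a full header or body
    TooLarge, // declared length exceeds the cap or the buffer limit
    Overflow, // length arithmetic would wrap
}

/// A growable byte buffer that refuses to grow past `cap`.
pub struct BoundedBuf {
    data: Vec<u8>,
    cap: usize,
}

impl BoundedBuf {
    pub fn new(cap: usize) -> Self { BoundedBuf { data: Vec::new(), cap } }
    pub fn len(&self) -> usize { self.data.len() }
    pub fn capacity(&self) -> usize { self.data.capacity() }

    /// Reserve room for `extra` more bytes, or fail without allocating.
    pub fn reserve_checked(&mut self, extra: usize) -> Result<(), FrameError> {
        let needed = self.data.len().checked_add(extra).ok_or(FrameError::Overflow)?;
        if needed > self.cap { return Err(FrameError::TooLarge); }
        self.data.reserve(extra);
        Ok(())
    }
}

/// Take one `uint32 length || body` frame from `input` (assumed wire layout),
/// append the body to `out`, and return the number of input bytes consumed.
pub fn take_frame(input: &[u8], out: &mut BoundedBuf) -> Result<usize, FrameError> {
    if input.len() < 4 { return Err(FrameError::NeedMore); }
    let declared = u32::from_be_bytes([input[0], input[1], input[2], input[3]]) as usize;
    // Validate the peer-supplied length before any growth decision is made.
    if declared > MAX_FRAME_LEN { return Err(FrameError::TooLarge); }
    let end = 4usize.checked_add(declared).ok_or(FrameError::Overflow)?;
    if input.len() < end { return Err(FrameError::NeedMore); }
    out.reserve_checked(declared)?; // the only path that may grow the buffer
    out.data.extend_from_slice(&input[4..end]);
    Ok(end)
}
```

An oversized or truncated frame leaves the buffer's length and capacity untouched, which is the property a fuzzer or unit test should pin down for any length-prefixed reader.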
