Description
A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue.
Published: 2026-06-02
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises in the lws_ssh_parse_plaintext function of the libwebsockets SSH Protocol Handler, where a remote peer can manipulate the msg_len argument to trigger unbounded resource consumption. This leads to excessive memory and CPU usage, effectively denying service to legitimate users. The weakness is classified as uncontrolled resource consumption (CWE-400), improper handling of a length parameter inconsistency (CWE-130), and improper resource shutdown or release (CWE-404).

Affected Systems

The issue affects the warmcat libwebsockets component in all versions up to and including 4.5.8. The vulnerability is present in the SSH Protocol Handler plugin distributed with the library.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity, yet the flaw can be exploited remotely, allowing attackers to send crafted SSH packets that overwhelm the target. The EPSS score is 0.00072 (below 1%), indicating a very low probability of exploitation; a proof-of-concept has been published, but the vulnerability is not yet listed in CISA's KEV catalog. The potential impact is a temporary denial of service for services that rely on libwebsockets for SSH handling, with the attacker only needing network access to the affected service.

Generated by OpenCVE AI on June 11, 2026 at 02:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update libwebsockets to a version that includes the patch (commit 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498) or apply the patch directly to your source code.
  • If an immediate upgrade is not feasible, configure the application to reject SSH connections whose msg_len exceeds a safe threshold, thereby limiting resource usage per connection.
  • Implement rate limiting or connection throttling on the SSH protocol handler to prevent a single client from exhausting resources.
  • Monitor CPU and memory consumption for spikes and detect anomalously large SSH packets that may indicate an ongoing attack.
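The length check the recommended actions describe, as an added example in C that is not libwebsockets' code and does not reproduce the affected sshd.c: it validates the SSH binary packet header (RFC 4253, section 6: a big-endian uint32 packet_length followed by a uint8 padding_length) against a fixed cap before any buffer is allocated, so a peer-supplied length can never drive allocation size. The 35000-byte cap is taken from the RFC's minimum required packet size and is this example's policy choice; the function names, the enum and the sample headers are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <stdio.h>

/* Bounds for the SSH binary packet protocol (RFC 4253, section 6).
 * 35000 is the total packet size every implementation must be able to
 * process; treating anything larger as hostile is this example's policy
 * choice, not a libwebsockets setting. */
#define SSH_MAX_PACKET_LEN 35000u
#define SSH_MIN_PADDING    4u
#define SSH_HDR_LEN        5u   /* uint32 packet_length + uint8 padding_length */

enum ssh_len_status {
    SSH_LEN_OK = 0,
    SSH_LEN_NEED_MORE,    /* fewer than 5 header bytes buffered so far */
    SSH_LEN_TOO_LARGE,    /* wire length above the cap: reject, never allocate */
    SSH_LEN_TOO_SMALL,    /* cannot hold the padding_length byte plus minimum padding */
    SSH_LEN_BAD_PADDING   /* padding_length inconsistent with packet_length */
};

/* Read the big-endian uint32 packet_length field. */
static uint32_t ssh_read_u32(const uint8_t *b)
{
    return ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) |
           ((uint32_t)b[2] << 8)  |  (uint32_t)b[3];
}

/* Validate the header before trusting the peer-supplied length anywhere. */
enum ssh_len_status ssh_validate_packet_header(const uint8_t *buf, size_t len,
                                               uint32_t *packet_len_out)
{
    if (len < SSH_HDR_LEN)
        return SSH_LEN_NEED_MORE;

    uint32_t packet_length = ssh_read_u32(buf);
    uint8_t padding_length = buf[4];

    if (packet_length > SSH_MAX_PACKET_LEN)
        return SSH_LEN_TOO_LARGE;
    /* packet_length covers the padding_length byte, the payload and the padding. */
    if (packet_length < 1u + SSH_MIN_PADDING)
        return SSH_LEN_TOO_SMALL;
    if (padding_length < SSH_MIN_PADDING ||
        (uint32_t)padding_length + 1u > packet_length)
        return SSH_LEN_BAD_PADDING;

    *packet_len_out = packet_length;
    return SSH_LEN_OK;
}

/* Status-only wrapper for callers that just want accept/reject. */
enum ssh_len_status ssh_check_header(const uint8_t *buf, size_t len)
{
    uint32_t unused;
    return ssh_validate_packet_header(buf, len, &unused);
}

/* Bytes a receive buffer needs for this packet (length field + body),
 * or 0 if the header is rejected. Computed in size_t after the cap check,
 * so the sum cannot wrap the way a uint32_t sum of peer-chosen values can. */
size_t ssh_buffer_size_for(const uint8_t *buf, size_t len)
{
    uint32_t packet_length;
    if (ssh_validate_packet_header(buf, len, &packet_length) != SSH_LEN_OK)
        return 0;
    return (size_t)packet_length + 4u;
}

/* Allocate only after validation; the largest possible request is bounded. */
uint8_t *ssh_alloc_packet_buffer(const uint8_t *buf, size_t len, size_t *size_out)
{
    *size_out = ssh_buffer_size_for(buf, len);
    return *size_out ? malloc(*size_out) : NULL;
}

/* Constructed sample headers for this example (not captured traffic). */
static const uint8_t SAMPLE_OK[]     = { 0x00, 0x00, 0x00, 0x1c, 0x0a }; /* len 28, pad 10 */
static const uint8_t SAMPLE_HUGE[]   = { 0xff, 0xff, 0xff, 0xff, 0x04 }; /* len 4294967295 */
static const uint8_t SAMPLE_SHORT[]  = { 0x00, 0x00, 0x00 };             /* header incomplete */
static const uint8_t SAMPLE_BADPAD[] = { 0x00, 0x00, 0x00, 0x08, 0x10 }; /* pad 16 > len 8 */

int main(void)
{
    const uint8_t *samples[] = { SAMPLE_OK, SAMPLE_HUGE, SAMPLE_SHORT, SAMPLE_BADPAD };
    const size_t lens[] = { sizeof SAMPLE_OK, sizeof SAMPLE_HUGE,
                            sizeof SAMPLE_SHORT, sizeof SAMPLE_BADPAD };
    for (size_t i = 0; i < 4; i++) {
        size_t n;
        uint8_t *p = ssh_alloc_packet_buffer(samples[i], lens[i], &n);
        printf("sample %zu: status %d, %s, buffer %zu bytes\n", i,
               ssh_check_header(samples[i], lens[i]),
               p ? "accepted" : "rejected", n);
        free(p);
    }
    return 0;
}
```

The ordering matters: the cap is enforced on the raw wire value before any arithmetic, so neither the allocation size nor any later offset computation ever sees an unbounded number. A per-connection rate limit, as the third recommended action suggests, belongs in the caller that invokes this check, not in the parser itself.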


Advisories

No advisories yet.

History

Thu, 11 Jun 2026 00:15:00 +0000

Weaknesses: added CWE-130
References: (no values listed)
Metrics: threat_severity changed from None to Moderate


Wed, 03 Jun 2026 14:30:00 +0000

Metrics: added ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 03 Jun 2026 02:30:00 +0000

Description: added "A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue."
Title: added "warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption"
First Time appeared: Warmcat; Warmcat libwebsockets
Weaknesses: added CWE-400, CWE-404
CPEs: added cpe:2.3:a:warmcat:libwebsockets:*:*:*:*:*:*:*:*
Vendors & Products: added Warmcat; Warmcat libwebsockets
References: (no values listed)
Metrics: added
  cvssV2_0 {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C'}
  cvssV3_0 {'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}
  cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}
  cvssV4_0 {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-03T14:04:31.919Z

Reserved: 2026-06-02T15:19:20.070Z

Link: CVE-2026-10650

Vulnrichment

Updated: 2026-06-03T14:04:27.427Z

NVD

Status : Deferred

Published: 2026-06-02T22:16:16.293

Modified: 2026-06-04T13:53:09.797

Link: CVE-2026-10650

Redhat

Severity : Moderate

Public Date: 2026-06-02T21:15:10Z

Links: CVE-2026-10650 - Bugzilla

OpenCVE Enrichment

Updated: 2026-06-11T02:15:27Z

Weaknesses
  • CWE-130

    Improper Handling of Length Parameter Inconsistency

  • CWE-400

    Uncontrolled Resource Consumption

  • CWE-404

    Improper Resource Shutdown or Release