Description
A flaw has been found in warmcat libwebsockets up to 4.5.8. The issue affects the function lws_ssh_parse_plaintext in the file plugins/protocol_lws_ssh_base/sshd.c of the SSH Protocol Handler component. Manipulating the argument msg_len can lead to resource consumption. The attack may be launched remotely. An exploit has been published and may be used. The fix is commit 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498; applying this patch remediates the issue.
Published: 2026-06-02
Score: 6.9 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability arises from the lws_ssh_parse_plaintext function in the libwebsockets SSH Protocol Handler, where an attacker can manipulate the msg_len argument to trigger unbounded resource consumption. This leads to excessive memory and CPU usage, effectively denying service to legitimate users. The weakness is classified as a resource exhaustion flaw (CWE-400) and a missing resource management issue (CWE-404).

Affected Systems

The issue affects the warmcat libwebsockets component in all versions up to and including 4.5.8. The vulnerability is present in the SSH Protocol Handler plugin distributed with the library.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity, yet the flaw can be exploited remotely, allowing attackers to send crafted SSH packets that overwhelm the target. While the EPSS score is not available, the vulnerability has an exploitable proof-of-concept available and is not yet listed in CISA's KEV catalog. The potential impact is a temporary denial of service for services that rely on libwebsockets for SSH handling, with the attacker only needing network access to the affected service.

Generated by OpenCVE AI on June 3, 2026 at 04:13 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update libwebsockets to a version that includes the patch (commit 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498) or apply the patch directly to your source code.
  • If an immediate upgrade is not feasible, configure the application to reject SSH connections whose msg_len exceeds a safe threshold, thereby limiting resource usage per connection.
  • Implement rate limiting or connection throttling on the SSH protocol handler to prevent a single client from exhausting resources.
  • Monitor CPU and memory consumption for spikes and detect anomalously large SSH packets that may indicate an ongoing attack.
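The second and fourth recommendations above amount to one rule: never size an allocation or a read loop from a peer-supplied SSH length field until that field has been bounds-checked, and count the rejections so monitoring can see oversized packets. The following is example code written for this page, not libwebsockets' own code, and it makes no claim about how lws_ssh_parse_plaintext is implemented. All names (ssh_check_packet_len, ssh_alloc_for_packet, ssh_conn_stats) are hypothetical; the 35000-byte cap is taken from the total packet size RFC 4253 requires implementations to support, and the sample headers are constructed, not captured traffic.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * Hypothetical length guard for the SSH binary packet header (RFC 4253 s6).
 * Illustration code written for this page, not libwebsockets' code.
 *
 * RFC 4253 s6.1 requires implementations to handle total packet sizes of up
 * to 35000 bytes; treating anything larger as hostile is the conservative
 * "safe threshold" assumed here.
 */
#define SSH_MAX_PACKET_LEN 35000u
/* packet_length counts the padding_length byte plus at least 4 padding bytes. */
#define SSH_MIN_PACKET_LEN 5u

enum ssh_len_result {
    SSH_LEN_OK = 0,
    SSH_LEN_SHORT_HEADER,  /* fewer than 4 bytes available: wait for more */
    SSH_LEN_TOO_SMALL,     /* below the RFC minimum: malformed */
    SSH_LEN_TOO_LARGE      /* above the cap: reject and count for monitoring */
};

/* Per-connection counters a monitoring hook could export. */
struct ssh_conn_stats {
    unsigned oversized_rejects;
};

static uint32_t be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/*
 * Validate the peer-supplied packet_length before anything is sized from it.
 * The unsafe pattern this replaces is `buf = malloc(be32(hdr))`, which lets
 * a remote peer choose the allocation size.
 */
enum ssh_len_result ssh_check_packet_len(const unsigned char *hdr, size_t avail,
                                         uint32_t *out_len,
                                         struct ssh_conn_stats *st)
{
    if (avail < 4)
        return SSH_LEN_SHORT_HEADER;

    uint32_t len = be32(hdr);
    if (len < SSH_MIN_PACKET_LEN)
        return SSH_LEN_TOO_SMALL;
    if (len > SSH_MAX_PACKET_LEN) {
        if (st)
            st->oversized_rejects++;
        return SSH_LEN_TOO_LARGE;
    }
    *out_len = len;
    return SSH_LEN_OK;
}

/* Allocate a receive buffer only for a validated length; NULL means rejected. */
unsigned char *ssh_alloc_for_packet(const unsigned char *hdr, size_t avail,
                                    struct ssh_conn_stats *st,
                                    enum ssh_len_result *why)
{
    uint32_t len = 0;
    enum ssh_len_result r = ssh_check_packet_len(hdr, avail, &len, st);
    if (why)
        *why = r;
    if (r != SSH_LEN_OK)
        return NULL;
    return malloc(len);  /* bounded by SSH_MAX_PACKET_LEN */
}

/* Constructed sample headers (not captured traffic). */
static const unsigned char sample_ok[]   = {0x00, 0x00, 0x00, 0x1c, 0x0a}; /* 28 bytes */
static const unsigned char sample_huge[] = {0xff, 0xff, 0xff, 0xff};       /* ~4 GiB */
static const unsigned char sample_tiny[] = {0x00, 0x00, 0x00, 0x02};       /* 2 bytes */

int main(void)
{
    struct ssh_conn_stats st = {0};
    const unsigned char *samples[] = {sample_ok, sample_huge, sample_tiny};
    size_t sizes[] = {sizeof sample_ok, sizeof sample_huge, sizeof sample_tiny};

    for (size_t i = 0; i < 3; i++) {
        enum ssh_len_result why;
        unsigned char *buf = ssh_alloc_for_packet(samples[i], sizes[i], &st, &why);
        printf("sample %zu: result=%d alloc=%s\n", i, (int)why, buf ? "yes" : "no");
        free(buf);
    }
    printf("oversized rejects: %u\n", st.oversized_rejects);
    return 0;
}
```

The oversized_rejects counter is the detection half of the recommendation: exporting it per connection (or per source address) gives the monitoring described above a concrete signal, and feeding it into a connection-throttling decision covers the third bullet as well.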

Generated by OpenCVE AI on June 3, 2026 at 04:13 UTC.

Advisories

No advisories yet.

History

Wed, 03 Jun 2026 14:30:00 +0000

Type | Values Removed | Values Added
Metrics (ssvc) | (none) | {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 03 Jun 2026 02:30:00 +0000

Type | Values Removed | Values Added
Description | (none) | A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msg_len can lead to resource consumption. The attack may be launched remotely. The exploit has been published and may be used. This patch is called 3f9f0c6ecaf0e6f3f219d30632c5d1f2479d7498. A patch should be applied to remediate this issue.
Title | (none) | warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption
First Time appeared | (none) | Warmcat; Warmcat libwebsockets
Weaknesses | (none) | CWE-400; CWE-404
CPEs | (none) | cpe:2.3:a:warmcat:libwebsockets:*:*:*:*:*:*:*:*
Vendors & Products | (none) | Warmcat; Warmcat libwebsockets
References | (none) | (empty)
Metrics (cvssV2_0) | (none) | {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C'}
Metrics (cvssV3_0) | (none) | {'score': 5.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}
Metrics (cvssV3_1) | (none) | {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C'}
Metrics (cvssV4_0) | (none) | {'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-03T14:04:31.919Z

Reserved: 2026-06-02T15:19:20.070Z

Link: CVE-2026-10650

Vulnrichment

Updated: 2026-06-03T14:04:27.427Z

NVD

Status : Received

Published: 2026-06-02T22:16:16.293

Modified: 2026-06-02T22:16:16.293

Link: CVE-2026-10650

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-03T04:15:24Z

Weaknesses