Reports
AI-generated structured vendor updates
Research
Other
2026-06-30
libssh2 CVE-2026-55200: Pre-auth RCE via Malicious Server, Attack Surface Shifts to Clients
A critical heap out-of-bounds write vulnerability (CVE-2026-55200, CVSS 9.2) in libssh2 allows a malicious SSH server to achieve pre-auth RCE on connecting clients. The flaw affects curl, Git, PHP, and many other projects statically linking the library, expanding the attack surface from servers to virtually any client application, including CI/CD, backup, and embedded systems.
Research
Other
1970-01-01
Z.ai GLM-5.2 Open-Source: 744B MoE, 1M Context, MIT License as Geopolitical Shield
Z.ai releases GLM-5.2: 744B MoE with 40B activated parameters, 1M input and 131K output context, under MIT license. Released one day after Anthropic Fable 5's government takedown, it offers a downloadable, unbanable alternative with Anthropic API compatibility for zero-code migration, giving enterprises a sovereign AI option.