VIR Vulnerability Intelligence Relay

Package impact

php Packagist / phpseclib/phpseclib

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-40194 low 3.7 3.7 2mo ago phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals()