QwikSec

Security Database

CVE

CWE

Training

CVE-2026-40194

Published: Apr 10, 2026

Modified: May 8, 2026

PUBLISHED

CVSS v3.1

3.7

LOW

Description

phpseclib is a PHP secure communications library. Starting in 0.1.1 and prior to 3.0.51, 2.0.53, and 1.0.28, phpseclib\Net\SSH2::get_binary_packet() uses PHP's != operator to compare a received SSH packet HMAC against the locally computed HMAC. != on equal-length binary strings in PHP uses memcmp(), which short-circuits on the first differing byte. This is a real variable-time comparison (CWE-208), proven by scaling benchmarks. This vulnerability is fixed in 3.0.51, 2.0.53, and 1.0.28.

Vendor	Product	Versions
phpseclib	phpseclib	affected `>= 0.1.1, < 1.0.28` affected `>= 2.0.0, < 2.0.53` affected `>= 3.0.0, < 3.0.51`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

None

Availability

None

References

https://github.com/phpseclib/phpseclib/security/advisories/GHSA-r854-jrxh-36qx

x_refsource_CONFIRM

https://github.com/phpseclib/phpseclib/commit/ffe48b6b1b1af6963327f0a5330e3aa004a194ac

x_refsource_MISC

https://github.com/phpseclib/phpseclib/releases/tag/1.0.28

x_refsource_MISC

https://github.com/phpseclib/phpseclib/releases/tag/2.0.53

x_refsource_MISC

https://github.com/phpseclib/phpseclib/releases/tag/3.0.51

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.