CVE-2025-15661 is a high-severity libssh2 vulnerability disclosed in June 2026 that affects versions through 1.11.1, where a malicious SSH server or man-in-the-middle attacker can trigger a heap buffer over-read in SFTP symlink handling and crash or expose client memory. The bug is not a Windows...