## Critical Security Flaw Exposed in Audiobookshelf Docker Image (CVE-2026-0968)
A critical security vulnerability has been identified in the latest Docker image for Audiobookshelf, a popular self-hosted audiobook and podcast server. The flaw, tracked as CVE-2026-0968, carries the highest severity rating and resides within the `libssh` library version 0.11.3-r0. This vulnerability could allow an attacker to trigger a Denial of Service (DoS) condition by sending a malformed SFTP message, potentially crashing the service and disrupting access for users.

The vulnerability was automatically detected in the `ghcr.io/advplyr/audiobookshelf:latest` image during a security scan on April 13, 2026. The issue is specific to the `libssh` package, a library for implementing the SSH protocol. The scanner, RedFlag, which automates vulnerability detection using Trivy, flagged this as the sole new and critical issue. A fixed version of the library, 0.11.4-r0, is available, indicating the core problem has been addressed upstream.

For administrators and users running the affected Audiobookshelf container, this finding necessitates immediate attention. While the direct impact appears limited to service availability via a DoS attack, the presence of a critical flaw in a core networking library raises significant security concerns. It underscores the persistent risks in the homelab and self-hosted software ecosystem, where containerized applications automatically pull in dependencies that may contain unpatched vulnerabilities. Users are advised to check their deployments, monitor for an updated container image from the maintainer, and consider manual mitigation strategies until a patched build is released.
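
To check a deployment against the versions given above, the following added example (not from the original report or from the Audiobookshelf project) reads an Alpine apk package database and reports whether the installed `libssh` is older than 0.11.4-r0. It assumes the image is Alpine-based, as the `-r0` version suffix suggests; the function names and the sample database are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag a libssh older than the fixed version in an apk database.
FIXED_VERSION="0.11.4-r0"   # fixed libssh version named in the article

# Print the version recorded for package $1 in apk "installed" database text on stdin.
# Records are separated by blank lines; P: is the package name, V: its version.
apk_pkg_version() {
  awk -v pkg="$1" '
    /^P:/ { name = substr($0, 3) }
    /^V:/ { if (name == pkg) { print substr($0, 3); exit } }
    /^$/  { name = "" }
  '
}

# Succeed when version $1 sorts strictly before version $2.
# Assumption: `sort -V` ordering, which agrees with apk for plain numeric
# versions like these but not for every apk suffix (_rc, _git, ...).
version_lt() {
  [ "$1" != "$2" ] && [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# Read an apk database on stdin and print a verdict.
# Returns 0 when not affected, 1 when a vulnerable libssh is present.
check_libssh() {
  local installed
  installed="$(apk_pkg_version libssh)"
  if [ -z "$installed" ]; then
    echo "libssh not installed"
    return 0
  fi
  if version_lt "$installed" "$FIXED_VERSION"; then
    echo "VULNERABLE libssh $installed (fixed in $FIXED_VERSION)"
    return 1
  fi
  echo "OK libssh $installed"
}

# Constructed sample database excerpt (not copied from the real image).
sample_db() {
  printf 'P:musl\nV:1.2.5-r9\n\nP:libssh\nV:%s\nA:x86_64\n\n' "$1"
}

sample_db 0.11.3-r0 | check_libssh || true
# Live use (assumes Docker is available and the image ships /lib/apk/db/installed):
#   docker run --rm --entrypoint cat ghcr.io/advplyr/audiobookshelf:latest /lib/apk/db/installed | check_libssh
```

The non-zero return on a vulnerable version lets the check gate a scheduled job or a pre-deployment step.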

---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: cybersecurity, vulnerability, docker, self-hosted, CVE
- **Credibility**: unverified
- **Published**: 2026-04-13 04:22:37
- **ID**: 61257
- **URL**: https://whisperx.ai/en/intel/61257