0xBlackash/CVE-2026-55200 — reverse-engineered prompt

Build me a small C based security research demo around CVE 2026 55200 in libssh2. I want something I can run in a controlled local lab to show how a malformed SSH packet length could lead to memory corruption or a crash in vulnerable libssh2 versions, mainly for validation and education. Keep it focused on a simple proof of concept with clear comments, basic usage instructions, and a straightforward demo flow that is easy to reproduce.

If possible, have it connect to a test SSH service, send the crafted packet in a safe lab setting, and print useful output so I can tell whether the target looks vulnerable or patched. Also include a short explanation of the bug in normal language, what versions are affected, what kind of impact it can have like service crash or possible code execution, and a few practical mitigation tips. Please keep this strictly for defensive research and local testing only, and look up current public docs online if you need to.