Some time ago I’ve found an interesting memory corruption bug (via integer overflow) in the mechanism responsible for parsing XMSS private keys. This bug is addressed in the latest OpenSSH released version (8.1) and more details about the bug can be found here:
CVE-2019-16905 – OpenSSH Pre-Auth XMSS Integer Overflow
Best regards,
Adam