CVE-2026-60002
- EPSS 0.25%
- Veröffentlicht 08.07.2026 00:17:33
- Zuletzt bearbeitet 09.07.2026 16:36:21
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
CVE-2026-60001
- EPSS 0.27%
- Veröffentlicht 08.07.2026 00:16:15
- Zuletzt bearbeitet 09.07.2026 16:37:12
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
CVE-2026-60000
- EPSS 0.34%
- Veröffentlicht 08.07.2026 00:14:31
- Zuletzt bearbeitet 09.07.2026 16:51:43
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.
CVE-2026-59999
- EPSS 0.13%
- Veröffentlicht 08.07.2026 00:13:08
- Zuletzt bearbeitet 09.07.2026 16:52:29
In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.
CVE-2026-59998
- EPSS 0.18%
- Veröffentlicht 08.07.2026 00:11:05
- Zuletzt bearbeitet 09.07.2026 16:55:00
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.
CVE-2026-59997
- EPSS 0.16%
- Veröffentlicht 08.07.2026 00:09:04
- Zuletzt bearbeitet 09.07.2026 17:11:49
internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.
CVE-2026-59996
- EPSS 0.2%
- Veröffentlicht 08.07.2026 00:07:07
- Zuletzt bearbeitet 09.07.2026 17:14:27
scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations.
CVE-2026-59995
- EPSS 0.2%
- Veröffentlicht 08.07.2026 00:04:49
- Zuletzt bearbeitet 09.07.2026 17:14:47
sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server.
CVE-2026-55654
- EPSS 0.37%
- Veröffentlicht 23.06.2026 03:37:00
- Zuletzt bearbeitet 08.07.2026 14:17:14
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators...
CVE-2026-55655
- EPSS 0.09%
- Veröffentlicht 23.06.2026 03:36:25
- Zuletzt bearbeitet 08.07.2026 14:17:14
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-...