|
1
|
9.4
-
|
CRITICAL
Network
|
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
|
CWE-416
Use After Free
|
CVE-2026-60002
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 01:36
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
6.5
-
|
MEDIUM
Network
|
sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-60001
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 01:37
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
7.5
-
|
HIGH
Network
|
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentica…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-60000
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 01:51
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
7.5
-
|
HIGH
Network
|
In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.
|
CWE-348
Use of Less Trusted Source
|
CVE-2026-59999
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 01:52
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
6.5
-
|
MEDIUM
Network
|
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.
|
CWE-573
Improper Following of Specification by Caller
|
CVE-2026-59998
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 01:55
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
5.4
-
|
MEDIUM
Network
|
internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended secur…
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-59997
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 02:11
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
5.4
-
|
MEDIUM
Network
|
scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations.
|
CWE-23
Relative Path Traversal
|
CVE-2026-59996
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 02:14
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
5.4
-
|
MEDIUM
Network
|
sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server.
|
CWE-23
Relative Path Traversal
|
CVE-2026-59995
|
cpe:2.3:a:openbsd:openssh:*:*
|
|
|
|
10.4
|
2026-07-10 02:14
2026-07-8
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
6.1
-
|
MEDIUM
Local
|
A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket na…
|
CWE-923
Improper Restriction of Communication Channel to Intended Endpoints
|
CVE-2026-55655
|
cpe:2.3:a:openbsd:openssh:-:*
|
|
|
|
|
2026-06-26 03:16
2026-06-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
3.7
-
|
LOW
Network
|
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-55654
|
cpe:2.3:a:openbsd:openssh:-:*
|
|
|
|
|
2026-06-26 01:59
2026-06-23
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|