RockyLinux 10 : openssh (RLSA-2025:20126)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the RockyLinux...

RLSA-2025:20126 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 For more details abo...

openssh security update

An update is available for openssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux,...

CVE-2026-32728

creationtimestamp| type| source ---|---|--- 2026-03-19 21:01:14+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhgvj7xwc425 2026-03-19 21:13:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhgw6rdod52h...

CVE-2026-32728

Parse Server is affected by a stored XSS bypass vulnerability where an attacker with file upload rights can bypass extension filtering by adding MIME parameters (for example; charset=utf-8) to the Content-Type header. This can cause the extension validation to skip blocklist checks, allowing acti...

@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-32728 via parse-server (>=2.0.8 <=7.5.4)

parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-32728 Source advisory: OSV:GHSA-42PH-PF9Q-CR72...

Amazon Linux 2 : openssh, --advisory ALAS2-2026-3175 (ALAS-2026-3175)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3175 advisory. In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2026-1135)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The DisableForwarding directive does not fully adhere to the intended functionality as documented (CVE-2025-32728).

Brocade has become aware of an Expected Behavior Violation vulnerability in OpenSSH releases 7.4 through 9.9. In affected versions of sshd, the DisableForwarding directive does not disable X11 and agent forwarding, which may allow unintended access under certain configurations...

MiracleLinux 7 : openssh-7.4p1-23.0.3.0.2.el7.AXS7 (AXSA:2025-10184:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10184:03 advisory. CVE-2025-32728: fix logic error in DisableForwarding option CVEs: CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2026-1009)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2025-1766567686 Fix CVE(s): CVE-2025-32728

SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728...

Oracle Linux 10 : ELSA-2025-20126-0: / openssh (ELSA-2025-201260)

The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-201260 advisory. - CVE-2025-32728: Fix logic error in DisableForwarding option Resolves: RHEL-86819 Tenable has extracted the preceding description block directly from the...

Siemens SIMATIC S7-1500 Expected Behavior Violation (CVE-2025-32728)

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2025:20126 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 For more details abo...

RHEL 10 : openssh (RHSA-2025:20126)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:20126 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-2178)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2025-2179)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.13.0 : openssh (EulerOS-SA-2025-2179)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11...