UBUNTU-CVE-2026-55655

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

CVE-2026-55655 Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

PT-2026-51473

Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A flaw in OpenSSH allows a local unprivileged attacker on a Linux client host to hijack client-side X11 forwarding connections. This occurs when X11 forwarding is enabled and a local...

Linux Distros Unpatched Vulnerability : CVE-2026-55655

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by...

Astra Linux – Vulnerability in xorg-server

A flaw was discovered in the X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can lead to a heap buffer overflow condition, which may result in an application...

RockyLinux 10 : openssh (RLSA-2025:20126)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the RockyLinux...

openssh security update

An update is available for openssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux,...

RLSA-2025:20126 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 For more details abo...

JLSEC-2026-73 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...

NewStart CGSL MAIN 6.06 (SP) : openssh Multiple Vulnerabilities (NS-SA-2026-0003)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has openssh packages installed that are affected by multiple vulnerabilities: - The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control...

EulerOS Virtualization 2.10.0 : openssh (EulerOS-SA-2026-1186)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand i...

EulerOS Virtualization 2.10.1 : openssh (EulerOS-SA-2026-1135)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand i...

The DisableForwarding directive does not fully adhere to the intended functionality as documented (CVE-2025-32728).

Brocade has become aware of an Expected Behavior Violation vulnerability in OpenSSH releases 7.4 through 9.9. In affected versions of sshd, the DisableForwarding directive does not disable X11 and agent forwarding, which may allow unintended access under certain configurations...

MiracleLinux 7 : openssh-7.4p1-23.0.3.0.2.el7.AXS7 (AXSA:2025-10184:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10184:03 advisory. CVE-2025-32728: fix logic error in DisableForwarding option CVEs: CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not...

EulerOS 2.0 SP9 : openssh (EulerOS-SA-2026-1009)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent...

CLSA-2025-1766567686 Fix CVE(s): CVE-2025-32728

SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728...

AlmaLinux 10 : openssh (ALSA-2025:20126)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding

A flaw was found in OpenSSH. In affected versions of sshd, the DisableForwarding directive does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and agent forwarding, which may allow unintended access under certain configurations...

Moderate: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

ALSA-2025:20126 Moderate: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 For more details abo...