GHSA-CH3Q-CW5R-F4HG ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

Summary The SSH protocol parser trusted attacker-controlled length and count fields without first checking that the declared values fit within the containing packet. When a client connects to a malicious or compromised SSH server, the server can send a small, malformed packet containing an inner...

ConnectBot SSH Client Library: Unbounded SSH field lengths can cause excessive memory allocation

Summary The SSH protocol parser trusted attacker-controlled length and count fields without first checking that the declared values fit within the containing packet. When a client connects to a malicious or compromised SSH server, the server can send a small, malformed packet containing an inner...

CVE-2026-39832 Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent

When adding a key to a remote agent constraint extensions such as [email protected] were not serialized in the request. Destination restrictions were silently stripped when forwarding keys, allowing unrestricted use of the key on the remote host. The client now serializes all...

RockyLinux 10 : openssh (RLSA-2025:20126)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the RockyLinux...

openssh security update

An update is available for openssh. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list OpenSSH is an SSH protocol implementation supported by a number of Linux,...

Astra Linux – Vulnerability in OpenSSH

The PKCS11 feature in ssh-agent in OpenSSH prior to version 9.3p2 has an insufficiently trustworthy search path, which can lead to remote code execution if the agent is forwarded to a system controlled by an attacker. The code located in /usr/lib is not necessarily safe for loading into ssh-agent...

JLSEC-2026-64

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host...

JLSEC-2026-73 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...

In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...

EulerOS Virtualization 2.10.1 : openssh (EulerOS-SA-2026-1135)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand i...

EulerOS Virtualization 2.10.0 : openssh (EulerOS-SA-2026-1186)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand i...

The DisableForwarding directive does not fully adhere to the intended functionality as documented (CVE-2025-32728).

Brocade has become aware of an Expected Behavior Violation vulnerability in OpenSSH releases 7.4 through 9.9. In affected versions of sshd, the DisableForwarding directive does not disable X11 and agent forwarding, which may allow unintended access under certain configurations...

MiracleLinux 7 : openssh-7.4p1-23.0.3.0.2.el7.AXS7 (AXSA:2025-10184:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10184:03 advisory. CVE-2025-32728: fix logic error in DisableForwarding option CVEs: CVE-2025-32728 In sshd in OpenSSH before 10.0, the DisableForwarding directive does not...

EulerOS 2.0 SP9 : openssh (EulerOS-SA-2026-1009)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent...

CLSA-2025-1766567686 Fix CVE(s): CVE-2025-32728

SECURITY UPDATE: DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding. - debian/patches/CVE-2025-32728.patch: fix logic error in DisableForwarding option - CVE-2025-32728...

AlmaLinux 10 : openssh (ALSA-2025:20126)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the AlmaLinux securi...

openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding

A flaw was found in OpenSSH. In affected versions of sshd, the DisableForwarding directive does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and agent forwarding, which may allow unintended access under certain configurations...

EUVD-2000-1154

Malware in sbrugna...

EUVD-2021-14748

Malware in sbrugna...

EUVD-2025-10504

Malicious code in bioql PyPI...

CVE-2025-34207

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to 22.0.1049 and Application prior to 20.0.2786 VA and SaaS deployments configure the SSH client within Docker instances with the following options: UserKnownHostsFile=/dev/null, StrictHostKeyChecking=no, and ForwardAgent yes. These...