CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 3 days ago•6 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

8.1CVSS5.9AI score0.00031EPSS

OSV•added 6 days ago•4 views

RLSA-2026:19069 Important: openssh security update

OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode...

7.5CVSS6.2AI score0.00058EPSS

OSV•added last week•1 views

SUSE-SU-2026:21875-1 Security update for openssh

This update for openssh fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430. Changes for openssh: - Fix a potential issue when validating mac bsc1264568:...

Tenable Nessus•added 2026/05/27 12:0 a.m.•11 views

Amazon Linux 2 : openssh, --advisory ALAS2-2026-3320 (ALAS-2026-3320)

The version of openssh installed on the remote host is prior to 7.4p1-22. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3320 advisory. OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. CVE-2026-35388 OpenS...

8.1CVSS5.9AI score0.00031EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в rsync

A vulnerability was discovered in rsync prior to version 3.2.5. This vulnerability allows malicious remote servers to write arbitrary files into the directories of connecting peers. The server determines which files/directories are sent to the client. However, the rsync client lacks sufficient...

7.4CVSS7.3AI score0.00923EPSS

Exploits1References2

OSV•added 2026/05/19 12:0 a.m.•5 views

ALSA-2026:19069 Important: openssh security update

8.1CVSS6.2AI score0.00058EPSS

Exploits0References12

Tenable Nessus•added 2026/05/19 12:0 a.m.•5 views

SUSE SLED15 / SLES15 Security Update : openssh (SUSE-SU-2026:1876-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1876-1 advisory. This update for openssh fixes the following issues - CVE-2026-35385: a file downloaded by scp may be installed...

8.1CVSS6.1AI score0.00058EPSS

OSV•added 2026/05/15 10:6 p.m.•1 views

SUSE-SU-2026:1876-1 Security update for openssh

OSV•added 2026/05/15 11:23 a.m.•2 views

Exploits0References5

OPENSUSE-SU-2026:20757-1 Security update for openssh

This update for openssh fixes the following issues Security issues fixed: - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35414: mishandling of authorizedkeys principals option bsc1261430. Other issues fixed: - SSH port not reachable on...

8.1CVSS5.8AI score0.00058EPSS

OSV•added 2026/05/12 10:11 a.m.•5 views

SUSE-SU-2026:21634-1 Security update for openssh

CVE•added 2026/05/11 8:21 p.m.•4 views

Exploits0References5

CVE-2026-41489

Pi-hole (6.0 through before Core 6.4.2 and FTL 6.6.1) is vulnerable because two systemd-executed root scripts (pihole-FTL-prestart.sh and pihole-FTL-poststop.sh) read the files.pid path from a config without validation and perform privileged file operations using that path. An attacker with pihol...

8.8CVSS5.9AI score0.00013EPSS

Exploits0References1

OSV•added 2026/05/08 11:41 a.m.•3 views

CLSA-2026-1778056682 openssh: Fix of CVE-2026-35414

CVE-2026-35414: fix authorizedkeys principals option mishandling with comma-containing CA principals...

8.1CVSS6AI score0.00031EPSS

Exploits0References1

CloudLinux•added 2026/05/08 11:41 a.m.•5 views

openssh: Fix of CVE-2026-35414

CVE-2026-35414: fix authorizedkeys principals option mishandling with comma-containing CA principals...

8.1CVSS6AI score0.00031EPSS

Exploits0

Tenable Nessus•added 2026/05/07 12:0 a.m.•2 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: openssh (UTSA-2026-016493)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016493 advisory. OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

8.1CVSS5.6AI score0.00031EPSS

Exploits0References4

Tenable Nessus•added 2026/05/06 12:0 a.m.•2 views

Unity Linux 20.1060e / 20.1070e Security Update: openssh (UTSA-2026-016487)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016487 advisory. OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority tha...

8.1CVSS5.6AI score0.00031EPSS

Exploits0References4

RedHat Linux•added 2026/05/04 10:5 a.m.•2 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

8.1CVSS5.7AI score0.00031EPSS

RedHat Linux•added 2026/05/04 9:57 a.m.•2 views

OpenSSH: OpenSSH: Security bypass via mishandling of authorized_keys principals option

8.1CVSS6AI score0.00031EPSS

RedHat Linux•added 2026/05/04 9:42 a.m.•4 views

Important: Red Hat Security Advisory: openssh security update

An update for openssh is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...