Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CVE
CVEadded yesterday9 views

CVE-2026-46705

The vulnerability CVE-2026-46705 affects russh (Rust SSH client/server) versions 0.34.0-beta.1 through before 0.61.0. The server’s authentication path retained russh-owned state (e.g., remaining methods, partial_success, and in-progress state) across SSH_MSG_USERAUTH_REQUEST messages when the use...

5.3CVSS5.4AI score
Exploits0References1
Cvelist
Cvelistadded yesterday13 views

CVE-2026-46705 russh server userauth state is not reset when authentication principal changes

Russh is a Rust SSH client & server library. From version 0.34.0-beta.1 to before version 0.61.0, the russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user nam...

5.3CVSS
Exploits0References1
Rows per page
Query Builder