CLEANSTART-2026-PW33232 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

CLEANSTART-2026-YD51202 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process

Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.56 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

ROS-20260129-73-0079

A vulnerability in the SSH server of the library for the Go crypto programming language is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

ROS-20260129-73-0077

A vulnerability in the SSH server of the library for the Go crypto programming language is related to unrestricted resource allocation. Exploitation of the vulnerability could allow a remote attacker to affect the availability of protected information...

ROS-20260129-73-0062

A vulnerability in the ssh-agent library ssh-agent server for the Go crypto programming language involves reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

SSH Key Persistence

This module will add an SSH key to a specified user or all, to allow remote login via SSH at any time. No payload is required for this module to work. If an SSH key is not provided, a new 4096 bit RSA keypair will be generated. The private key will be stored as loot for later use. Module Options...

CVE-2025-59105

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

CVE-2025-59105

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

CVE-2025-59105

CVE-2025-59105 describes unencrypted flash storage in the dormakaba access manager. With physical access and time, an attacker can desolder, modify, and reflash memory, enabling read/write of critical data (e.g., /etc/passwd, stored certificates, cryptographic keys, PINs) and potentially gain SSH...

EUVD-2025-206370

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

CVE-2025-59103 Weak Default Passwords for SSH Access in dormakaba access manager

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

CVE-2025-59103

The Access Manager 92xx in hardware revision K7 is based on Linux instead of Windows CE embedded in older hardware revisions. In this new hardware revision it was noticed that an SSH service is exposed on port 22. By analyzing the firmware of the devices, it was noticed that there are two users...

RHEL 9 : podman (RHSA-2026:1084)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:1084 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

PT-2026-4755

With physical access to the device and enough time an attacker can desolder the flash memory, modify it and then reinstall it because of missing encryption. Thus, essential files, such as "/etc/passwd", as well as stored certificates, cryptographic keys, stored PINs and so on can be modified and...

PT-2026-4753

Name of the Vulnerable Software and Affected Versions Access Manager 92xx hardware revision K7 affected versions not specified Description The Access Manager 92xx hardware revision K7 utilizes a Linux-based operating system, differing from older revisions that used Windows CE. An SSH service is...

CVE-2026-24058

Soft Serve is a self-hostable Git server for the command line. Versions 0.11.2 and below have a critical authentication bypass vulnerability that allows an attacker to impersonate any user including admin by "offering" the victim's public key during the SSH handshake before authenticating with...

CVE-2026-1102

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending repeated malformed SSH authentication requests...

OESA-2026-1191 curl security update

cURL is a computer software project providing a library libcurl and command-line tool curl for transferring data using various protocols. Security Fixes: When an OAuth2 bearer token is used for an HTTPS transfer, and that transfer performs a cross-protocol redirect to a second URL that uses an...