CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

CVE-2026-20083

A vulnerability in the Secure Copy Protocol SCP server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An...

PT-2026-28085

Name of the Vulnerable Software and Affected Versions n8n versions prior to 2.5.0 Description n8n is a workflow automation platform. When the Source Control feature is configured to use SSH, the SSH command used for git operations explicitly disabled host key verification. A network attacker...

CVE-2026-4433

An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used...

CVE-2026-4433

An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used...

Updated trilead-ssh2 packages fix security vulnerabilities

CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack...

MGASA-2026-0066 Updated trilead-ssh2 packages fix security vulnerabilities

CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack...

GHSA-X6W6-2XWP-3JH6 Froxlor is vulnerable to BIND zone file injection via unsanitized DNS record content in DomainZones API

Summary The DomainZones.add API endpoint accessible to customers with DNS enabled does not validate the content field for several DNS record types LOC, RP, SSHFP, TLSA. An attacker can inject newlines and BIND zone file directives e.g. $INCLUDE into the zone file that gets written to disk when th...

CLSA-2026-1774369958 openssh: Fix of CVE-2026-3497

CVE-2026-3497: replace incorrect use of sshpktdisconnect with sshpacketdisconnect and properly initialize variables...

Malicious code in ssh-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d42bf2b2b77d94173694ed6e952fc5efb2d0de3b04f237f15ffa9470809a321e The package ssh-common was found to contain malicious code...

MAL-2026-2390 Malicious code in ssh-common (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d42bf2b2b77d94173694ed6e952fc5efb2d0de3b04f237f15ffa9470809a321e The package ssh-common was found to contain malicious code...

CLSA-2026-1774366569 Fix CVE(s): CVE-2026-3497

SECURITY UPDATE: pre-auth crash via GSSAPI key exchange - debian/patches/CVE-2026-3497.patch: replace sshpktdisconnect with sshpacketdisconnect and initialize gssbufferdesc variables in kexgssc.c, kexgsss.c. - CVE-2026-3497...

Soft Serve 安全漏洞

Soft Serve is a self-hosted command-line Git server developed by Charm. Versions of Soft Serve from 0.6.0 to 0.11.6 contained security vulnerabilities. These vulnerabilities were due to an authorization flaw in repository imports, which allowed any authenticated SSH user to clone the server’s loc...

Tenable Operation Technology 安全漏洞

Tenable Operation Technology is a platform developed by Tenable, a company in the United States, for visualizing industrial control systems and critical infrastructure assets, as well as monitoring security. There are security vulnerabilities in Tenable Operation Technology, which stem from...

PT-2026-27518

An SSH misconfigurations exists in Tenable OT that led to the potential exfiltration of socket, port, and service information via the ostunnel user and GatewayPorts. This could be used to potentially glean information about the underlying system and give an attacker information that could be used...

Security Bulletin: Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak

Summary Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak. Go is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...

Security Bulletin: Memory Safety Vulnerabilities in SSH Agents and Servers: Out-of-Bounds Read and Unbounded Memory Consumption, affects watsonx.data

Summary SSH Agent servers are vulnerable to out-of-bounds reads when processing malformed new identity requests, which can cause the agent to panic. Additionally, SSH servers handling GSSAPI authentication requests do not validate the number of mechanisms specified, potentially allowing attackers...

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 9 : podman (RHSA-2026:5222)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5222 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

CVE-2026-4115

PuTTY 0.83 is affected by CVE-2026-4115 in the Ed25519 Signature Handler (eddsa_verify in crypto/ecc-ssh.c). The vulnerability causes improper verification of cryptographic signatures. Exploitation may be performed remotely, but the attack is described as high complexity with low exploitability. ...