Lucene search
K

625 matches found

RedhatCVE
RedhatCVE
added 6 days ago4 views

CVE-2026-59998

A flaw was found in OpenSSH. The sshd component has an undocumented security-relevant behavior where GSSAPIStrictAcceptorCheck has no value when the server is in a Windows Active Directory environment. This could lead to unintended information disclosure and impact data integrity...

6.5CVSS5.9AI score0.00179EPSS
Exploits0References6
CVE
CVE
added 6 days ago36 views

CVE-2026-60000

CVE-2026-60000 affects OpenSSH sshd prior to 10.4. The vulnerability arises from mishandling MaxAuthTries for GSSAPIAuthentication, enabling a remote attacker to cause denial of service via resource exhaustion from excessive authentication attempts. Impact is a server-wide DoS (availability loss)...

7.5CVSS6AI score0.00407EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 6 days ago114 views

CVE-2026-60000

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...

3.7CVSS0.00407EPSS
Exploits0References3
Cvelist
Cvelist
added 6 days ago121 views

CVE-2026-59999

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not...

5.9CVSS0.0014EPSS
Exploits0References3
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-59998

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...

6.5CVSS5.9AI score0.00179EPSS
Exploits0
AlpineLinux
AlpineLinux
added 6 days ago7 views

CVE-2026-59998

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...

6.5CVSS5.9AI score0.00179EPSS
Exploits0References3
OSV
OSV
added 2026/06/19 1:41 p.m.7 views

SUSE-SU-2026:2472-1 Security update for apache-sshd, jpgpj

This update for apache-sshd, jpgpj fixes the following issues - CVE-2020-36843: no check performed on scalar to avoid signature malleability bsc1239551. - CVE-2026-48827: Apache MINA SSHD: Path traversal in org.apache.sshd: sshd-git bsc1267018. Changes for jpgpj: - Initial packaging with v1.3...

7.1CVSS5.8AI score0.00527EPSS
Exploits0References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.286 views

ShellShock - Remote Code Execution

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...

10CVSS9.1AI score0.99999EPSS
Exploits141References5
GithubExploit
GithubExploit
added 2026/06/13 4:2 p.m.90 views

Exploit for Embedded Malicious Code in Tukaani Xz

XZ Backdoor Labs CVE-2024-3094 Safe, hands-on labs for...

10CVSS8.7AI score0.85974EPSS
Exploits40
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 2:2 a.m.21 views

Malicious code in india-map-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a1de9d093e23698e3ad3f0336a7619bd43049d1f62b822744733a48060b51a4a package.json declares a postinstall hook that runs curl -skL...

6.2AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/08 5:34 p.m.11 views

CVE-2026-48827

A flaw was found in Apache MINA SSHD bundle sshd-git. This path traversal vulnerability allows authenticated users to access Git repositories located outside the intended server root directory. The lack of proper path validation during Git operations, such as git-upload-pack and git-receive-pack,...

7.1CVSS5.5AI score0.00527EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/03 12:0 a.m.12 views

apache-sshd-2.18.0-1.1 on GA media (moderate)

apache-sshd-2.18.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10919-1 Rating: moderate Cross-References: CVE-2020-36843 CVE-2026-48827 CVSS scores: CVE-2020-36843 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2020-36843 SUSE : 8.7...

8.7CVSS6.5AI score0.00527EPSS
Exploits0
OSV
OSV
added 2026/06/02 9:15 p.m.4 views

CVE-2026-10650 warmcat libwebsockets SSH Protocol sshd.c lws_ssh_parse_plaintext resource consumption

A flaw has been found in warmcat libwebsockets up to 4.5.8. This issue affects the function lwssshparseplaintext of the file plugins/protocollwssshbase/sshd.c of the component SSH Protocol Handler. Executing a manipulation of the argument msglen can lead to resource consumption. The attack may be...

6.9CVSS5.6AI score0.00429EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/06/02 1:37 a.m.14 views

SUSE CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

6.5CVSS5.8AI score0.00527EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

Libwebsockets 安全漏洞

Libwebsockets is a standardized network library open-sourced by the lws-team. Versions of Libwebsockets 4.5.8 and earlier contain security vulnerabilities. These vulnerabilities stem from the lwssshParseplaintext function in the SSH Protocol Handler component’s plugins/protocollwssshbase/sshd.c...

6.9CVSS5.3AI score0.00429EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/02 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-48827

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload- pack, git-receive-pack, and other git operations allows...

7.1CVSS5.8AI score0.00527EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/06/01 10:29 a.m.8 views

org.apache.sshd:apache-sshd (>=3.0.0-M1 <=3.0.0-M3) potentially affected by CVE-2026-48827 via org.apache.sshd:sshd-git (>=3.0.0-M1 <=3.0.0-M3)

org.apache.sshd:sshd-git MAVEN version =3.0.0-M1, =3.0.0-M1, =3.0.0-M3 Source cves: CVE-2026-48827 Source advisory: SNYK:JAVA-ORGAPACHESSHD-17151844...

7.1CVSS5.5AI score0.00527EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/06/01 10:29 a.m.10 views

com.infobip.kafkistry:kafkistry-app (>=0.7.0 <=0.10.1), com.infobip.kafkistry:kafkistry-auditing (>=0.7.0 <=0.10.1) +19 more potentially affected by CVE-2026-48827 via org.apache.sshd:sshd-git (>=2.10.0 <=2.17.1)

org.apache.sshd:sshd-git MAVEN version =2.10.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.9.9, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.7.0, =0.62.0, =2.25.0, =1.1.0, =1.1.1 and more Source cves: CVE-2026-48827 Source advisory: SNYK:JAVA-ORGAPACHESSHD-17151844...

7.1CVSS5.7AI score0.00527EPSS
Exploits0
NVD
NVD
added 2026/06/01 9:16 a.m.19 views

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

7.1CVSS0.00527EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/01 8:37 a.m.8 views

CVE-2026-48827

Path traversal vulnerability in Apache MINA SSHD bundle sshd-git. Lack of path validation in git-upload-pack, git-receive-pack, and other git operations allows users authenticated over SSH access to git repositories outside the configured git server root directory. Applications are affected if th...

7.1CVSS5.8AI score0.00527EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder