CVE-2026-35387
Published 2026-04-02
Priority: P3 · 35 · medium · 6.5 (CVSS 3.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS: 0.24% (14.6th percentile)
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
Affected (6 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | — | — |
| msrc | azl3_openssh_9.8p1-5_on_azure_linux_3.0 | — | — |
| msrc | cbl2_openssh_8.9p1-9_on_cbl_mariner_2.0 | — | — |
| openbsd | openssh | < 10.3 | 10.3 |
| paloalto | prisma_sd | — | — |
| ubuntu | openssh | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N |
| osv | — | 3.1 | LOW | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |
| vendor_debian | — | 3.1 | LOW | — |
| vendor_msrc | — | 3.1 | LOW | — |
| vendor_redhat | — | 3.1 | LOW | — |
Palo Alto
PAN-SA-2026-0009 Informational Bulletin: Impact assessment of OSS CVEs in Prisma SD-WAN ION
vendor_paloalto·2026-06-10·CVSS 8.1
CVE-2026-35385 [HIGH] PAN-SA-2026-0009 Informational Bulletin: Impact assessment of OSS CVEs in Prisma SD-WAN ION
PAN-SA-2026-0009 Informational Bulletin: Impact assessment of OSS CVEs in Prisma SD-WAN ION
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to Prisma SD-WAN ION. While Prisma SD-WAN ION may include the
CVEs: CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388, CVE-2026-35414
Affected products: Prisma SD
Ubuntu
OpenSSH vulnerabilities
vendor_ubuntu·2026-04-29·CVSS 7.5
CVE-2026-35414 [HIGH] OpenSSH vulnerabilities
Title: OpenSSH vulnerabilities
Summary: Several security issues were fixed in OpenSSH.
Christos Papakonstantinou discovered that the OpenSSH scp tool incorrectly handled the legacy scp protocol (-O) option. This could result in certain files being installed setuid or setgid, contrary to expectations. (CVE-2026-35385)
Florian Kohnhäuser discovered that OpenSSH incorrectly handled shell metacharacters in usernames within a command line. When untrusted usernames and non-default configurations using % in ssh_config are being used, an attacker could possibly use this issue to execute arbitrary code. (CVE-2026-35386)
Christos Papakonstantinou discovered that OpenSSH incorrectly handled parsing the PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms options. This could result in unintend
Red Hat
OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
vendor_redhat·2026-04-02·CVSS 3.1
CVE-2026-35387 [LOW] CWE-115 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
A flaw was found in OpenSSH. This vulnerability allows the system to use unintended Elliptic Curve Digital Signature Algorithm (ECDSA) algorithms. This occurs because the configuration for accepted public key algorithms is misinterpreted, leading to the use of weaker cryptographic methods than intended. This could potentially allow an attacker to compromise the confidentiality of data.
Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Pro
Microsoft
CVE-2026-35387: Mariner: Mariner
mitre: mitre
Customer Action Required: Yes
vendor_msrc·2026-04-02·CVSS 3.1
CVE-2026-35387 [LOW] CWE-670 CVE-2026-35387: Mariner: Mariner
Debian
CVE-2026-35387: openssh - OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA al...
vendor_debian·2026·CVSS 3.1
CVE-2026-35387 [LOW] CVE-2026-35387: openssh - OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA al...
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
VulDB
OpenSSH up to 10.2 control flow (Nessus ID 304835 / WID-SEC-2026-0979)
vuldb·2026-05-04·CVSS 6.5
CVE-2026-35387 [MEDIUM] OpenSSH up to 10.2 control flow (Nessus ID 304835 / WID-SEC-2026-0979)
A vulnerability described as problematic has been identified in OpenSSH up to 10.2. The affected element is an unknown function. The manipulation results in incorrect control flow.
This vulnerability is cataloged as CVE-2026-35387. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is recommended.
OSV
CVE-2026-35387: (OpenSSH before 10
osv·2026-04-03·CVSS 3.1
CVE-2026-35387 [LOW] CVE-2026-35387: (OpenSSH before 10
(OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of an ...)
OSV
CVE-2026-35387: OpenSSH before 10
osv·2026-04-02·CVSS 3.1
CVE-2026-35387 [LOW] CVE-2026-35387: OpenSSH before 10
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
GHSA
GHSA-hpxh-vgmp-3qp6: OpenSSH before 10
ghsa_unreviewed·2026-04-02
CVE-2026-35387 [LOW] CWE-670 GHSA-hpxh-vgmp-3qp6: OpenSSH before 10
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-35387 openssh: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage [fedora-all]
bugzilla·2026-04-03·CVSS 3.1
CVE-2026-35387 [LOW] CVE-2026-35387 openssh: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage [fedora-all]
CVE-2026-35387 openssh: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
FEDORA-2026-2cedc95af8 (openssh-10.0p1-9.fc43) has been submitted as an update to Fedora 43.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-2cedc95af8
---
FEDORA-2026-93679cc7c2 (openssh-10.2p1-8.fc44) has been submitted as an update to Fedora 44.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-93679cc7c2
Bugzilla
CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
bugzilla·2026-04-02·CVSS 3.1
CVE-2026-35387 [LOW] CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
CVE-2026-35387 OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 10.0 Extended Update Support
Via RHSA-2026:12389 https://access.redhat.com/errata/RHSA-2026:12389
Wiz
CVE-2026-35388 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-35388 [HIGH] CVE-2026-35388 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-35388: OpenSSH vulnerability analysis and mitigation
OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
Source: NVD
Score: 2.5
Published: April 2, 2026
Severity: LOW
CNA Score: 2.5
Affected Technologies: OpenSSH, Linux Red Hat
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 1.3
Exploitation Probability (EPSS): N/A
Affected packages and libraries: openssh, cpe:2.3:a:openbsd:openssh
Sources:
NVD
Debian 11, 14: Severity LOW, No Fix, Added at: Apr 02, 2026
Debian 12, 13: Severity MEDIUM, No Fix, Added at: Apr 02, 2026
Echo: Severity LOW, No Fix, Added at: Apr 02, 2026
Red Hat 6, 7, 8, 9, 10: Severity LOW, No Fix, Added at: Apr 05, 202
Wiz
CVE-2026-3497 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.9
CVE-2026-3497 [MEDIUM] CVE-2026-3497 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-3497: OpenSSH vulnerability analysis and mitigation
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconnect() on an error, which does not terminate the process, allows an attacker to send an unexpected GSSAPI message type during the GSSAPI key exchange to the server, which will call the underlying function and continue the execution of the program without setting the related connection variables. As the variables are not initialized to NULL the code later accesses those uninitialized variables, accessing random memory, which could lead to undefined behavior. The recommended workar
Wiz
CVE-2026-35386 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-35386 [HIGH] CVE-2026-35386 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-35386: OpenSSH vulnerability analysis and mitigation
In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.
Source: NVD
Score: 3.6
Published: April 2, 2026
Severity: LOW
CNA Score: 3.6
Affected Technologies: OpenSSH, Linux Red Hat
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 0.5
Exploitation Probability (EPSS): N/A
Affected packages and libraries: cpe:2.3:a:openbsd:openssh, openssh-clients
Sources:
NVD
Debian 11, 14: Severity LOW, No Fix, Added at: Apr 02, 2026
Debian 1
Wiz
CVE-2026-35385 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-35385 [HIGH] CVE-2026-35385 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-35385: OpenSSH vulnerability analysis and mitigation
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).
Source: NVD
Score: 7.5
Published: April 2, 2026
Severity: HIGH
CNA Score: 7.5
Affected Technologies: OpenSSH, Linux Red Hat
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 10.5
Exploitation Probability (EPSS): N/A
Affected packages and libraries: openssh-ldap, openssh-server
Sources:
NVD
Debian 11, 14: Severity HIGH, No Fix, Added at: Apr 02, 2026
Debian 12, 13: Severity MEDIUM, No Fix, Added at:
Wiz
CVE-2026-35387 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-35387 [HIGH] CVE-2026-35387 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-35387: OpenSSH vulnerability analysis and mitigation
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
Source: NVD
Score: 3.1
Published: April 2, 2026
Severity: LOW
CNA Score: 3.1
Affected Technologies: OpenSSH, Linux Red Hat
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 7.6
Exploitation Probability (EPSS): N/A
Affected packages and libraries: openssh-cavs, openssh-keysign
Sources:
NVD
Debian 11, 14: Severity LOW, No Fix, Added at: Apr 02, 2026
Debian 12, 13: Severity MEDIUM, No Fix, Added at: Apr 02, 2026
Echo: Severity LOW, No Fix
Wiz
CVE-2026-35414 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
CVE-2026-35414 [HIGH] CVE-2026-35414 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2026-35414: OpenSSH vulnerability analysis and mitigation
OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.
Source: NVD
Score: 5.4
Published: April 2, 2026
Severity: MEDIUM
CNA Score: 4.2
Affected Technologies: OpenSSH, Linux Red Hat
Has Public Exploit: No
Has CISA KEV Exploit: No
CISA KEV Release Date: N/A
CISA KEV Due Date: N/A
Exploitation Probability Percentile (EPSS): 3.6
Exploitation Probability (EPSS): N/A
Affected packages and libraries: cpe:2.3:a:openbsd:openssh, openssh-cavs
Sources:
Debian 11, 12, 13, 14: Severity MEDIUM, No Fix, Added at: Apr 02, 2026
Echo: Severity MEDIUM, No Fix, Added at: Apr 02, 2026