Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2026-55654
Undergoing Analysis
More InfoOfficial Page
Source-secalert@redhat.com
View Known Exploited Vulnerability (KEV) details
Published At-23 Jun, 2026 | 04:17
Updated At-23 Jun, 2026 | 15:17

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific configurations involving GSSAPI authentication and a Kerberos environment, could exploit this to cause the SSH authentication path to crash or abort. This leads to a denial of service (DoS), impacting the availability of the SSH service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.13.7LOW
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
N/A
Type: Secondary
Version: 3.1
Base score: 3.7
Base severity: LOW
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-125Secondarysecalert@redhat.com
CWE ID: CWE-125
Type: Secondary
Source: secalert@redhat.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://access.redhat.com/security/cve/CVE-2026-55654secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2462493secalert@redhat.com
N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2026-55654
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2462493
Source: secalert@redhat.com
Resource: N/A
Change History
0Changes found
Details not found