PT-2026-56293 · Openssh · Openssh

Published

2026-07-08

·

Updated

2026-07-08

·

CVE-2026-60002

CVSS v3.1

7.7

High

VectorAV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.4
Description A use-after-free issue exists in the ssh client. This occurs when a server changes its host key during a key re-exchange, which is a process where the client and server negotiate new session keys to maintain security.
Recommendations Update to version 10.4 or later.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-60002

Affected Products

Openssh