CVE-2026-35387

EUVD-2026-18402
OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.

| Provider | Type | Base Score | Atk. Vector | Atk. Complexity | Priv. Required | Vector |
|---|---|---|---|---|---|---|
| NIST | Primary | 3.1 LOW | NETWORK | HIGH | LOW | CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N |

EPSS Score
Percentile: 14%

Affected Products (NVD)

| Vendor | Product | Vulnerable software versions |
|---|---|---|
| openbsd | openssh | < 10.3 |

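Debian Releases

| Debian Product | Codename | Version | Status |
|---|---|---|---|
| openssh | bookworm | 1:9.2p1-2+deb12u10 | fixed |
| openssh | bookworm (security) | | vulnerable |
| openssh | bullseye | | vulnerable |
| openssh | bullseye (security) | 1:8.4p1-5+deb11u7 | fixed |
| openssh | forky | 1:10.3p1-4 | fixed |
| openssh | sid | 1:10.3p1-5 | fixed |
| openssh | trixie | 1:10.0p1-7+deb13u4 | fixed |
| openssh | trixie (security) | | vulnerable |
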
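Red Hat Enterprise Linux Releases

| Red Hat Product | Release | Version | Status |
|---|---|---|---|
| openssh | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh | RHEL 8.4 AUS | 0:8.0p1-7.el8_4.2 | fixed |
| openssh | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh | RHEL 8.8 E4S | 0:8.0p1-20.el8_8.4 | fixed |
| openssh | RHEL 8.8 TUS | 0:8.0p1-20.el8_8.4 | fixed |
| openssh | RHEL 9 | 0:9.9p1-7.el9_8 | fixed |
| openssh-askpass | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh-askpass | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-askpass | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-askpass | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-askpass | RHEL 9 | 0:9.9p1-7.el9_8 | fixed |
| openssh-cavs | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh-cavs | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-cavs | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-cavs | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-clients | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh-clients | RHEL 8.4 AUS | 0:8.0p1-7.el8_4.2 | fixed |
| openssh-clients | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-clients | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-clients | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-clients | RHEL 8.8 E4S | 0:8.0p1-20.el8_8.4 | fixed |
| openssh-clients | RHEL 8.8 TUS | 0:8.0p1-20.el8_8.4 | fixed |
| openssh-clients | RHEL 9 | 0:9.9p1-7.el9_8 | fixed |
| openssh-keycat | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh-keycat | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-keycat | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-keycat | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-keycat | RHEL 9 | 0:9.9p1-7.el9_8 | fixed |
| openssh-ldap | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh-ldap | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-ldap | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-ldap | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-server | RHEL 8 | 0:8.0p1-29.el8_10 | fixed |
| openssh-server | RHEL 8.4 AUS | 0:8.0p1-7.el8_4.2 | fixed |
| openssh-server | RHEL 8.6 AUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-server | RHEL 8.6 E4S | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-server | RHEL 8.6 TUS | 0:8.0p1-15.el8_6.5 | fixed |
| openssh-server | RHEL 8.8 E4S | 0:8.0p1-20.el8_8.4 | fixed |
| openssh-server | RHEL 8.8 TUS | 0:8.0p1-20.el8_8.4 | fixed |
| openssh-server | RHEL 9 | 0:9.9p1-7.el9_8 | fixed |
| pam | RHEL 8 | 0:0.10.3-7.29.el8_10 | fixed |
| pam | RHEL 8.6 AUS | 0:0.10.3-7.15.el8_6.5 | fixed |
| pam | RHEL 8.6 E4S | 0:0.10.3-7.15.el8_6.5 | fixed |
| pam | RHEL 8.6 TUS | 0:0.10.3-7.15.el8_6.5 | fixed |
| pam | RHEL 9 | 0:0.10.4-7.7.el9_8 | fixed |
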
Amazon Linux Releases

| Amazon Package | Release | Version | Status |
|---|---|---|---|
| openssh | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-clients | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-clients-debuginfo | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-debuginfo | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-debugsource | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-keycat | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-keycat-debuginfo | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-server | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| openssh-server-debuginfo | Amazon Linux 2023 | 0:8.7p1-8.amzn2023.0.18 | fixed |
| pam_ssh_agent_auth | Amazon Linux 2023 | 0:0.10.4-4.8.amzn2023.0.18 | fixed |
| pam_ssh_agent_auth-debuginfo | Amazon Linux 2023 | 0:0.10.4-4.8.amzn2023.0.18 | fixed |