CVE-2026-35388

EUVD-2026-18404
OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.5 LOW
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
openbsdopenssh
𝑥
< 10.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openssh
bookworm
1:9.2p1-2+deb12u10
fixed
bookworm (security)
vulnerable
bullseye
vulnerable
bullseye (security)
1:8.4p1-5+deb11u7
fixed
forky
1:10.3p1-4
fixed
sid
1:10.3p1-5
fixed
trixie
1:10.0p1-7+deb13u4
fixed
trixie (security)
vulnerable
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
openssh
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.4 AUS
0:8.0p1-7.el8_4.2
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.8 E4S
0:8.0p1-20.el8_8.4
fixed
RHEL 8.8 TUS
0:8.0p1-20.el8_8.4
fixed
RHEL 9
0:9.9p1-7.el9_8
fixed
openssh-askpass
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
RHEL 9
0:9.9p1-7.el9_8
fixed
openssh-cavs
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
openssh-clients
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.4 AUS
0:8.0p1-7.el8_4.2
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.8 E4S
0:8.0p1-20.el8_8.4
fixed
RHEL 8.8 TUS
0:8.0p1-20.el8_8.4
fixed
RHEL 9
0:9.9p1-7.el9_8
fixed
openssh-keycat
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
RHEL 9
0:9.9p1-7.el9_8
fixed
openssh-ldap
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
openssh-server
RHEL 8
0:8.0p1-29.el8_10
fixed
RHEL 8.4 AUS
0:8.0p1-7.el8_4.2
fixed
RHEL 8.6 AUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 E4S
0:8.0p1-15.el8_6.5
fixed
RHEL 8.6 TUS
0:8.0p1-15.el8_6.5
fixed
RHEL 8.8 E4S
0:8.0p1-20.el8_8.4
fixed
RHEL 8.8 TUS
0:8.0p1-20.el8_8.4
fixed
RHEL 9
0:9.9p1-7.el9_8
fixed
pam
RHEL 8
0:0.10.3-7.29.el8_10
fixed
RHEL 8.6 AUS
0:0.10.3-7.15.el8_6.5
fixed
RHEL 8.6 E4S
0:0.10.3-7.15.el8_6.5
fixed
RHEL 8.6 TUS
0:0.10.3-7.15.el8_6.5
fixed
RHEL 9
0:0.10.4-7.7.el9_8
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
openssh
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-askpass
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
openssh-cavs
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
openssh-clients
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-clients-debuginfo
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-debuginfo
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-debugsource
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-keycat
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-keycat-debuginfo
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-ldap
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
openssh-server
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-server-debuginfo
Amazon Linux 2023
0:8.7p1-8.amzn2023.0.18
fixed
openssh-server-sysvinit
Amazon Linux 2
0:7.4p1-22.amzn2.0.13
fixed
pam_ssh_agent_auth
Amazon Linux 2
0:0.10.3-2.22.amzn2.0.13
fixed
Amazon Linux 2023
0:0.10.4-4.8.amzn2023.0.18
fixed
pam_ssh_agent_auth-debuginfo
Amazon Linux 2023
0:0.10.4-4.8.amzn2023.0.18
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
openssh
Azure Linux 3.0
0:9.8p1-6.azl3
fixed