CVE-2026-55655

EUVD-2026-38413

23.06.2026, 04:17

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and input, and may allow some manipulation of the forwarded session.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5 MEDIUM	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

openssh

bookworm	undetermined
bookworm (security)	undetermined
bullseye	undetermined
bullseye (security)	undetermined
forky	undetermined
sid	undetermined
trixie	undetermined
trixie (security)	undetermined

Common Weakness Enumeration

CWE-923 - Improper Restriction of Communication Channel to Intended Endpoints
The software establishes a communication channel to (or from) an endpoint for privileged or protected operations, but it does not properly ensure that it is communicating with the correct endpoint.

Vulnerability Media Exposure

[GERMAN] OpenSSH: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in OpenSSH ausnutzen, um einen Denial of Service Angriff durchzuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren oder vertrauliche Informationen offenzulegen.
Published: 2026-06-22T22:00:00+00:00

References

https://access.redhat.com/security/cve/CVE-2026-55655

https://bugzilla.redhat.com/show_bug.cgi?id=2462250