24h | 7d | 30d

CVE-2026-35387

Overview

  • OpenBSD
  • OpenSSH
02 Apr 2026
Published
02 Apr 2026
Updated
CVSS v3.1
LOW (3.1)
EPSS
Pending
KEV

Description

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.

Statistics

  • 2 Posts
  • 9 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
cR0w 🏴‍☠️🫈🫍 @cR0w

Anyone have time to look through the vuln fixes for OpenSSH today? I haven't yet because I'm trying not to care about it but there are at least four CVEs apparently.

openssh.org/txt/release-10.3

CVE-2026-35385
CVE-2026-35386
CVE-2026-35387
CVE-2026-35388

  • 4
  • 5
  • 0
  • 16h ago

Bluesky

Profile picture fallback
OMO @omo.bsky.social
SIOSセキュリティブログを更新しました。 OpenSSHの脆弱性(High: CVE-2026-35385, Medium: CVE-2026-35414, Low: CVE-2026-35386, CVE-2026-35387, CVE-2026-35388)と、OpenSSH 10.3/10.3p1の公開 #sios_tech #security #vulnerability #セキュリティ #脆弱性 #linux #openssh #ssh security.sios.jp/vulnerabilit...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-35386

Overview

  • OpenBSD
  • OpenSSH
02 Apr 2026
Published
03 Apr 2026
Updated
CVSS v3.1
LOW (3.6)
EPSS
Pending
KEV

Description

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.

Statistics

  • 2 Posts
  • 9 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
cR0w 🏴‍☠️🫈🫍 @cR0w

Anyone have time to look through the vuln fixes for OpenSSH today? I haven't yet because I'm trying not to care about it but there are at least four CVEs apparently.

openssh.org/txt/release-10.3

CVE-2026-35385
CVE-2026-35386
CVE-2026-35387
CVE-2026-35388

  • 4
  • 5
  • 0
  • 16h ago

Bluesky

Profile picture fallback
OMO @omo.bsky.social
SIOSセキュリティブログを更新しました。 OpenSSHの脆弱性(High: CVE-2026-35385, Medium: CVE-2026-35414, Low: CVE-2026-35386, CVE-2026-35387, CVE-2026-35388)と、OpenSSH 10.3/10.3p1の公開 #sios_tech #security #vulnerability #セキュリティ #脆弱性 #linux #openssh #ssh security.sios.jp/vulnerabilit...
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-4415

Overview

  • GIGABYTE
  • Gigabyte Control Center
30 Mar 2026
Published
31 Mar 2026
Updated
CVSS v4.0
CRITICAL (9.2)
EPSS
0.37%
KEV

Description

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.

Statistics

  • 1 Post
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Michael I Ransier @thecybermind

INTEL ALERT] CVE-2026-4425 is live. Is your GIGABYTE Control Center (GCC) acting as a backdoor for digital decay? I’m breaking down the forensic evidence and showing you how to harden your precinct. Don't let unpatched utilities breach your perimeter.

Read the full brief at The Cyber Mind Co.

thecybermind.co/2026/04/02/gig

  • 0
  • 0
  • 0
  • 23h ago

CVE-2026-4425

Overview

  • Pending
Pending
Published
30 Mar 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

Reserved for EastLink case, but no need for CVE anymore

Statistics

  • 1 Post
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Michael I Ransier @thecybermind

INTEL ALERT] CVE-2026-4425 is live. Is your GIGABYTE Control Center (GCC) acting as a backdoor for digital decay? I’m breaking down the forensic evidence and showing you how to harden your precinct. Don't let unpatched utilities breach your perimeter.

Read the full brief at The Cyber Mind Co.

thecybermind.co/2026/04/02/gig

  • 0
  • 0
  • 0
  • 23h ago

CVE-2026-35414

Overview

  • OpenBSD
  • OpenSSH
02 Apr 2026
Published
02 Apr 2026
Updated
CVSS v3.1
MEDIUM (4.2)
EPSS
Pending
KEV

Description

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

Statistics

  • 1 Post
Last activity: 1 hour ago

Bluesky

Profile picture fallback
OMO @omo.bsky.social
SIOSセキュリティブログを更新しました。 OpenSSHの脆弱性(High: CVE-2026-35385, Medium: CVE-2026-35414, Low: CVE-2026-35386, CVE-2026-35387, CVE-2026-35388)と、OpenSSH 10.3/10.3p1の公開 #sios_tech #security #vulnerability #セキュリティ #脆弱性 #linux #openssh #ssh security.sios.jp/vulnerabilit...
  • 0
  • 0
  • 0
  • 1h ago
Showing 31 to 35 of 35 CVEs