CVE-2026-55654
LowCVSS 3.7Exploitation Probability (EPSS)
Low risk25th percentile — higher than 25% of all known CVEs
Summary
A flaw was found in OpenSSH, which involves a heap out-of-bounds read during the cleanup of GSSAPI indicators. The issue occurs when a trailing NULL termination is missing in the auth-indicators array, potentially leading to a crash or abort of the SSH authentication path.
Risk Assessment
A remote attacker could exploit this vulnerability under specific configurations involving GSSAPI authentication and a Kerberos environment, leading to a denial of service (DoS) and impacting the availability of the SSH service.
Recommendation
It is recommended to update OpenSSH to the latest version to mitigate this vulnerability and to monitor logs for potential attack attempts.
Original NVD description (English source)
A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic Security Service Application Programming Interface) indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific configurations involving GSSAPI authentication and a Kerberos environment, could exploit this to cause the SSH authentication path to crash or abort. This leads to a denial of service (DoS), impacting the availability of the SSH service.

