CVE-2026-35388

ADVISORY - nist

Summary

OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions.

EPSS Score⁠: 0.00012 (0.018)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-420⁠

Unprotected Alternate Channel

ADVISORY - redhat

CWE-306⁠

Missing Authentication for Critical Function

Impacted images

Advisories

NIST

CREATED

28 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-35388⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-420⁠

CVSS SCORE

2.5low

Alpine

CREATED

3 days ago

UPDATED

3 days ago

ADVISORY IDCVE-2026-35388⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

28 days ago

UPDATED

2 days ago

ADVISORY IDCVE-2026-35388⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

28 days ago

UPDATED

1 day ago

ADVISORY IDCVE-2026-35388⁠

EXPLOITABILITY SCORE

1.0

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.5medium

Red Hat

CREATED

28 days ago

UPDATED

27 days ago

ADVISORY IDCVE-2026-35388⁠

EXPLOITABILITY SCORE

0.8

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-306⁠

CVSS SCORE

2.2low

Photon

CREATED

4 days ago

UPDATED

4 days ago

ADVISORY ID

CVE-2026-35388

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

2.5low