CVE-2026-35387

ADVISORY - nist

Summary

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-670⁠

Always-Incorrect Control Flow Implementation

Impacted images

Advisories

NIST

CREATED

8 hours ago

UPDATED

8 hours ago

ADVISORY IDCVE-2026-35387⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-670⁠

CVSS SCORE

3.1low

Debian

CREATED

3 hours ago

UPDATED

3 hours ago

ADVISORY IDCVE-2026-35387⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY