COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-60002

CVE-2026-60002

Severity
high
Source
NVD · cve
Published
2026-07-08
CVSS
7.7
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-60002
shame 25/100

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)

Players implicated

openbsd · vendoropenssh · product

Description

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.