VDB
CLEANSTART-2026-WK88787
CLEANSTART-2026-WK88787
PUBLISHED
CVSS 9.800000190734863 CRITICAL
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| CleanStart | argo-workflows-fips | 0, 0 |
Timeline
- Feb 6, 2026 CVE Published
- Feb 17, 2026 CVE Updated
References
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WK88787.json advisory
- https://osv.dev/vulnerability/CVE-2025-0913 url
- https://osv.dev/vulnerability/CVE-2025-4673 url
- https://osv.dev/vulnerability/CVE-2025-47907 url
- https://osv.dev/vulnerability/CVE-2025-47914 url
- https://osv.dev/vulnerability/CVE-2025-58181 url
- https://osv.dev/vulnerability/CVE-2025-62156 url
- https://osv.dev/vulnerability/CVE-2025-62157 url
- https://osv.dev/vulnerability/GHSA-c2hv-4pfj-mm2r url
- https://osv.dev/vulnerability/GHSA-cfpf-hrx2-8rv6 url
- https://osv.dev/vulnerability/GHSA-p84v-gxvw-73pf url
- https://nvd.nist.gov/vuln/detail/CVE-2025-0913 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-4673 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-47907 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-47914 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-58181 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-62156 url
- https://nvd.nist.gov/vuln/detail/CVE-2025-62157 url
- https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-WK88787 advisory
- https://osv.dev/vulnerability/GHSA-C2HV-4PFJ-MM2R url
…and 2 more