VDB

GCVE-110-MAGEIA-2026-193

GCVE-110-MAGEIA-2026-193
Advisory Published
Vulnetix · Advisory published June 10, 2026
In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode). (CVE-2026-35385) In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config. (CVE-2026-35386) OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms. (CVE-2026-35387) OpenSSH before 10.3 omits connection multiplexing confirmation for proxy-mode multiplexing sessions. (CVE-2026-35388) OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters. (CVE-2026-35414)

Affected Products

VendorProductVersionsPlatforms
Mageiaopenssh0 (affected), 9.3p1-2.7.mga9 (unaffected)

Browse GCVE Records

72,580 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›