CVE-2026-21670

Published Mar 12, 2026

Last updated 7 days ago

CVSS high 7.7
SSH
Port (22)

Overview

Description
A vulnerability allowing a low-privileged user to extract saved SSH credentials.
Source
support@hackerone.com
NVD status
Modified
Products
veeam_backup_\&_replication

Risk scores

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
3.6
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

nvd@nist.gov
CWE-522
134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-522

Social media

Hype score
Not currently trending

Configurations

Related CVEs

  1. Linux Kernel Incorrect Resource Transfer Between Spheres VulnerabilityCVE-2026-31431
  2. Fortinet FortiClient EMS Improper Access Control VulnerabilityCVE-2026-35616
  3. OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.CVE-2026-35414
  4. In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O (legacy scp protocol) and without -p (preserve mode).CVE-2026-35385
  5. A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111.CVE-2026-0964

References

Sources include official advisories and independent security research.