CVE-2026-59998

Published Jul 8, 2026

Last updated 2 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-59998 describes an undocumented security-relevant behavior within `sshd` in OpenSSH versions prior to 10.4. The vulnerability specifically concerns the `GSSAPIStrictAcceptorCheck` setting, which is rendered ineffective when the OpenSSH server is operating within a Windows Active Directory environment. This issue means that the intended security checks related to GSSAPI authentication might not be enforced as expected under these specific conditions. As of the current information, there is no known solution or vendor-supplied patch available for this vulnerability.

Description
sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.
Source
cve@mitre.org
NVD status
Analyzed
Products
openssh

Risk scores

CVSS 3.1

Type
Primary
Base score
6.5
Impact score
2.5
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Severity
MEDIUM

Weaknesses

cve@mitre.org
CWE-573

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

4

Configurations