RHSA-2026:12389 Red Hat Security Advisory: openssh security update
Details
CVSS v3
4.2
NVD published
2026-04-02 18:16:34
EPSS
<0.1% probability · 5.4th percentile — 2026-05-01
Affected versions
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
Summary
OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.