OpenSSH 10.4 addresses multiple security vulnerabilities affecting SSH client and server components, including flaws related to file path handling, command-line argument processing, authentication controls, and memory management. The update improves security by preventing unauthorized file writes through SFTP, strengthening internal SFTP option validation, enforcing authentication delay protections, and resolving a client-side use-after-free issue during host key re-exchange. Users and administrators are advised to upgrade to OpenSSH 10.4 or apply vendor-provided patches to reduce the risk of exploitation.
CVE-2026-59995 (CVSS: 4.2 Medium): A relative path traversal vulnerability in OpenSSH SFTP allowed a malicious server to write downloaded files outside the intended directory during file transfers.[/subscribe_to_unlock_form]
OpenSSH 10.4 addresses multiple security vulnerabilities affecting SSH client and server components, including flaws related to file path handling, command-line argument processing, authentication controls, and memory management. The update improves security by preventing unauthorized file writes through SFTP, strengthening internal SFTP option validation, enforcing authentication delay protections, and resolving a client-side use-after-free issue during host key re-exchange. Users and administrators are advised to upgrade to OpenSSH 10.4 or apply vendor-provided patches to reduce the risk of exploitation.
CVE-2026-59995 (CVSS: 4.2 Medium): A relative path traversal vulnerability in OpenSSH SFTP allowed a malicious server to write downloaded files outside the intended directory during file transfers.[emaillocker id="1283"]
CVE-2026-59997 (CVSS: 4.2 Medium): An improper input validation issue in OpenSSH internal-sftp caused security options placed after the first nine command-line arguments to be ignored.
CVE-2026-60001 (CVSS: 6.5 Medium): A resource allocation weakness in OpenSSH sshd could allow attackers to bypass consistent authentication delay enforcement, increasing the risk of authentication abuse.
CVE-2026-60002 (CVSS: 7.7 High): A use-after-free vulnerability in the OpenSSH client during host key re-exchange could potentially impact confidentiality and integrity when connecting to a malicious SSH server.
We recommend you to update OpenSSH to version 10.4 or 10.4p1.
The following reports contain further technical details:
[/emaillocker]