Improper access control in OpenSSH - CVE-2026-35387

Published: April 29, 2026

Vulnerability identifier: #VU128476
CSH Severity: Low
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2026-35387
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vulnerable software: OpenSSH
Software vendor: OpenSSH

Description

The vulnerability allows a remote user to bypass configured public key algorithm restrictions.

The vulnerability exists due to improper access control in sshd(8) when applying PubkeyAcceptedAlgorithms and HostbasedAcceptedAlgorithms to ECDSA keys. A remote user can authenticate using an unlisted ECDSA algorithm to bypass configured public key algorithm restrictions.

The issue occurs when one of these directives includes any ECDSA algorithm name.
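As an added defender-side check (not code from this advisory or from the OpenSSH project), the following Python scans sshd_config text, or the output of `sshd -T`, for the two directives named above and reports any ECDSA algorithm names they list, i.e. the precondition described. The ECDSA algorithm-name set is the one OpenSSH registers (plain, certificate and FIDO "sk-" variants); the handling of the `+`, `^` and `-` list modifiers, wildcard entries and `Match` blocks follows sshd_config(5); the sample configuration at the end is constructed for illustration.

```python
"""Configuration check for the sshd directives named in the advisory."""
import re
from dataclasses import dataclass, field
from fnmatch import fnmatchcase
from typing import List, Optional

# ECDSA public-key algorithm names registered by OpenSSH, including the
# certificate ("-cert-v01") and FIDO/U2F ("sk-") variants.
ECDSA_ALGORITHMS = frozenset({
    "ecdsa-sha2-nistp256",
    "ecdsa-sha2-nistp384",
    "ecdsa-sha2-nistp521",
    "ecdsa-sha2-nistp256-cert-v01@openssh.com",
    "ecdsa-sha2-nistp384-cert-v01@openssh.com",
    "ecdsa-sha2-nistp521-cert-v01@openssh.com",
    "sk-ecdsa-sha2-nistp256@openssh.com",
    "sk-ecdsa-sha2-nistp256-cert-v01@openssh.com",
})

# Directive names are matched case-insensitively, as sshd does;
# `sshd -T` prints them in lowercase.
WATCHED_DIRECTIVES = {"pubkeyacceptedalgorithms", "hostbasedacceptedalgorithms"}


@dataclass
class Finding:
    directive: str                  # directive name as written in the file
    line_no: int
    match_block: Optional[str]      # enclosing "Match ..." line, if any
    modifier: str                   # "" (replaces defaults), "+", "^" or "-"
    ecdsa_listed: List[str] = field(default_factory=list)


def expand_entry(entry: str) -> List[str]:
    """ECDSA names an entry selects: the exact name, or every ECDSA name a
    wildcard entry such as "ecdsa-sha2-*" matches (sshd accepts patterns)."""
    return [a for a in sorted(ECDSA_ALGORITHMS) if fnmatchcase(a, entry)]


def parse_directives(text: str) -> List[Finding]:
    """One Finding per watched directive, in file order."""
    findings: List[Finding] = []
    current_match: Optional[str] = None
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        # sshd accepts both "Key value" and "Key=value".
        m = re.match(r"^(\S+?)(?:\s*=\s*|\s+)(.*)$", line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            current_match = line        # later directives are conditional
            continue
        if key not in WATCHED_DIRECTIVES:
            continue
        modifier = value[0] if value[:1] in ("+", "^", "-") else ""
        entries = [e.strip() for e in value[len(modifier):].split(",") if e.strip()]
        finding = Finding(m.group(1), line_no, current_match, modifier)
        for entry in entries:
            for algo in expand_entry(entry):
                if algo not in finding.ecdsa_listed:
                    finding.ecdsa_listed.append(algo)
        findings.append(finding)
    return findings


def explicitly_lists_ecdsa(text: str) -> bool:
    """True when some watched directive sets or adds an ECDSA name. A "-"
    directive only removes names, so it is not counted here even though the
    default list it modifies may still contain ECDSA algorithms."""
    return any(f.ecdsa_listed and f.modifier != "-"
               for f in parse_directives(text))


def report(text: str) -> List[str]:
    """Human-readable result lines, one per watched directive."""
    lines = []
    for f in parse_directives(text):
        scope = f" (inside '{f.match_block}')" if f.match_block else ""
        if f.ecdsa_listed and f.modifier != "-":
            lines.append(f"line {f.line_no}: {f.directive}{scope} lists ECDSA "
                         f"algorithms: {', '.join(f.ecdsa_listed)}")
        elif f.modifier:
            lines.append(f"line {f.line_no}: {f.directive}{scope} modifies the "
                         f"default list ('{f.modifier}'); confirm the effective "
                         f"value with `sshd -T`")
        else:
            lines.append(f"line {f.line_no}: {f.directive}{scope} lists no "
                         f"ECDSA algorithm")
    return lines


# Constructed sample configuration for illustration (not a real host's file).
SAMPLE_SSHD_CONFIG = """\
Port 22
PubkeyAcceptedAlgorithms ssh-ed25519,rsa-sha2-512,ecdsa-sha2-nistp256
HostbasedAcceptedAlgorithms ssh-ed25519
Match Group admins
    PubkeyAcceptedAlgorithms +ecdsa-sha2-*
"""

if __name__ == "__main__":
    for line in report(SAMPLE_SSHD_CONFIG):
        print(line)
```

Running it over the effective configuration (`sshd -T` output rather than the raw file) avoids missing values set through `Include` files; a directive that only uses `-` or `+` on the default list is reported as such, since the defaults it modifies have to be checked separately.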

Remediation

Install the security update from the vendor's website.

External links