Resource exhaustion in OpenSSH - CVE-2026-60000
Published: July 15, 2026
OpenSSH
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper resource handling in sshd(8) when processing pre-authentication GSSAPI requests. A remote attacker can send crafted authentication attempts to cause a denial of service.
Only configurations with GSSAPIAuthentication enabled are affected.