← Back to CVE List
CVE-2026-60002NVD
Vulnerability Summary
ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityHigh
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityHigh
IntegrityHigh
AvailabilityLow