CVE-2026-55653

🔶 medium

Summary

A flaw was found in OpenSSH. A malicious SSH server can exploit a double free vulnerability in the Diffie-Hellman Group Exchange (DH-GEX) client path. This occurs during FIPS (Federal Information Processing Standards) mode known-group validation when the client processes attacker-controlled DH-GEX group parameters. Successful exploitation leads to client-side process termination, resulting in a Denial of Service (DoS).

CVSS Score

4.3

Medium

EPSS Score

0.2

Exploit Probability

Published Date

2026-06-23

First Seen: 2026-06-25

📊 Relative Risk Intelligence

This CVE is Lower Risk - more severe than 5.4% of all 330,193 vulnerabilities in our database.

#312,358

Below average severity

Severity Percentile

🎯 CISA SSVC Assessment Updated: Jun 23, 2026

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Partial

Limited system impact

SSVC data provided by CISA

Last Modified 2026-06-25

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE IDs (Weakness Types)

CWE-415

📦 Affected Products 7

Vendor	Product	Status	Affected Versions
openbsd	openssh	Affected	v-
redhat	enterprise_linux	Affected	v10.0
redhat	enterprise_linux	Affected	v6.0
redhat	enterprise_linux	Affected	v7.0
redhat	enterprise_linux	Affected	v8.0
redhat	enterprise_linux	Affected	v9.0
redhat	openshift_container_platform	Affected	v4.0

🔗 References 2

https://access.redhat.com/security/cve/CVE-2026-55653

Vendor Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=2462351

Exploit Issue Tracking Vendor Advisory

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-55654	ℹ️ low	3.7	0.3	A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI (Generic...	2026-06-23
CVE-2026-55655	🔶 medium	5.0	0.1	A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding ...	2026-06-23
CVE-2026-11791	🔶 medium	5.0	0.3	A flaw was found in 389 Directory Server. During schema reload, the attr_syntax_swap_ht() function unconditionally frees...	2026-06-18
CVE-2026-1764	🔶 medium	5.6	0.2	A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor. When processing specially craf...	2026-06-16
CVE-2026-1766	🔶 medium	5.6	0.2	A flaw was found in GNOME localsearch (previously known as tracker-miners) MP3 Extractor, specifically within the tracke...	2026-06-16
CVE-2026-1767	🔶 medium	5.6	0.2	A flaw was found in the GNOME localsearch (previously known as tracker-miners) MP3 Extractor `tracker-extract-mp3` compo...	2026-06-16

These CVEs affect the same products