CVE-2026-60000

Summary

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.

Affected Software

VendorProductVersion RangeStatus
OpenBSDOpenSSH0 < 10.4affected

Weaknesses

  • CWE-770: CWE-770 Allocation of Resources Without Limits or Throttling

References