CVE Vulnerabilities

CVE-2026-59998

Improper Following of Specification by Caller

Published: Jul 08, 2026 | Modified: Jul 08, 2026
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
4.8 MODERATE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
Ubuntu
root.io logo minimus.io logo echo.ai logo

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.

Weakness

The product does not follow or incorrectly follows the specifications as required by the implementation language, environment, framework, protocol, or platform.

References