VYPR
Low severity3.1NVD Advisory· Published Apr 2, 2026· Updated Apr 27, 2026

CVE-2026-35387

CVE-2026-35387

Description

OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11

Patches

Vulnerability mechanics

References

3

News mentions

1