GSSAPIStrictAcceptorCheck Vulnerability in OpenSSH for Windows Active Directory
CVE-2026-59998

4.8MEDIUM

Key Information:

Vendor

OpenBSD

Status
Vendor
CVE Published:
8 July 2026

What is CVE-2026-59998?

OpenSSH versions prior to 10.4 exhibit an undocumented security-relevant behavior where the GSSAPIStrictAcceptorCheck setting does not hold any value when the SSH server operates within a Windows Active Directory environment. This can lead to potential security risks as proper checks are bypassed, making it critical for users operating in such contexts to update to the latest version.

Affected Version(s)

OpenSSH 0 < 10.4

References

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.