Critical Vulnerabilities in Fedora SSH Component Expose Users to Command Execution Risks
ID: f907fdf1-e821-5074-a7c0-c1fcf3c12743
STIX ID: report--f907fdf1-e821-5074-a7c0-c1fcf3c12743
Feed Name: ThreatCluster
Threat Score
Fedora released critical updates for the opkssh component to address two CVEs disclosed on May 22, 2026: CVE-2026-39828 (unauthorized command execution via SSH permission handling) and CVE-2026-39830 (denial-of-service from resource leaks). The fixes for Fedora 43 and 44 were published June 22, 2026 and users are advised to apply the updates using dnf.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
