CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-60000

lowCVSS 3.7covered by 2 sourcesfirst seen 2026-07-02
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.

CSIRTS triage

What
sshd allows remote attackers to cause a denial of service due to mishandling of MaxAuthTries for GSSAPIAuthentication.
Who is affected
Deployments of OpenSSH sshd before version 10.4 are affected.
Urgency
Remediation is low as the severity is lower and exploitation is less likely.
Action
Consider upgrading OpenSSH to version 10.4 or later.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-60000

Get an email if CVE-2026-60000 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (2)

External references

NVD record for CVE-2026-60000

CVE.org record

Embed the live status

CVE-2026-60000 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-60000 status](https://www.csirts.com/badge/CVE-2026-60000)](https://www.csirts.com/cve/CVE-2026-60000)