OpenSSH flaw CVE-2026-35414

Thread starter MGH Systems Security
Start date Wednesday at 13:35

M

MGH Systems Security

New Member

Wednesday at 13:35

#1

Hi

I have been notified of this OpenSSH flaw
https://www.securityweek.com/openssh-flaw-allowing-full-root-shell-access-lurked-for-15-years/

Currently running PVE 9.1.7 across our estate and I see it is on OpenSSH 10.0

Are there any plans to update to the latest version as the fix for a root access violation is in 10.3 released April 2026

Stubennerd

Active Member

Proxmox Subscriber

Wednesday at 13:58

#2

PVE 9 and PBS 4 are based on Debian 13 'Trixie".
Debian will certainly release an update soon.

https://security-tracker.debian.org/tracker/CVE-2026-35414

Reactions: Stoiko Ivanov, Johannes S and d.oishi

M

MGH Systems Security

New Member

Wednesday at 16:16

#3

Thank you for the insight, still newish to Proxmox and this is the first "issue" that I have had to worry about

You must log in or register to reply here.

Share:

Bluesky LinkedIn Reddit Email Link

Top Bottom

Back

We value your privacy

We use essential cookies to make this site work, and optional cookies to enhance your experience.

See further information and configure your preferences

Accept all cookies Reject optional cookies
Essential cookies

These cookies are required to enable core functionality such as security, network management, and accessibility. You may not reject these.

Optional cookies

We deliver enhanced functionality for your browsing experience by setting these cookies. If you reject them, enhanced functionality will be unavailable.

Third-party cookies

Cookies set by third parties may be required to power functionality in conjunction with our captcha service provider for security and anti-spam purposes.

Detailed cookie usage

Privacy policy