{"id":"JLSEC-2026-73","summary":"In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the...","details":"In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding.","modified":"2026-04-09T22:01:27.724101799Z","published":"2026-04-09T21:32:46.691Z","upstream":["CVE-2025-32728","EUVD-2025-10504","GHSA-26mg-p594-q328"],"database_specific":{"license":"CC-BY-4.0","sources":[{"modified":"2025-05-22T16:51:54.890Z","imported":"2026-04-09T14:56:19.355Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-32728","published":"2025-04-10T02:15:30.873Z","id":"CVE-2025-32728","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32728"},{"modified":"2025-05-08T15:30:40Z","imported":"2026-04-09T14:56:22.328Z","url":"https://api.github.com/advisories/GHSA-26mg-p594-q328","id":"GHSA-26mg-p594-q328","published":"2025-04-10T03:31:32Z","html_url":"https://github.com/advisories/GHSA-26mg-p594-q328"},{"modified":"2025-05-08T13:11:19Z","imported":"2026-04-09T14:56:20.770Z","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-10504","published":"2025-04-10T00:00:00Z","id":"EUVD-2025-10504","html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-10504"}]},"references":[{"type":"WEB","url":"https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/013_ssh.patch.sig"},{"type":"WEB","url":"https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367"},{"type":"WEB","url":"https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041879.html"},{"type":"WEB","url":"https://www.openssh.com/txt/release-10.0"},{"type":"WEB","url":"https://www.openssh.com/txt/release-7.4"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/05/msg00008.html"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20250425-0002/"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32728"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20250425-0002"},{"type":"WEB","url":"https://github.com/advisories/GHSA-26mg-p594-q328"}],"affected":[{"package":{"name":"OpenSSH_jll","ecosystem":"Julia","purl":"pkg:julia/OpenSSH_jll?uuid=9bd350c2-7e96-507f-8002-3f2e150b4e1b"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"10.0.1+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-73.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"}]}