CVE-2026-55655 · CVSS 5.0
Red Hat · Red Hat Enterprise Linux

OpenSSH: local MITM of X11 forwarding via abstract UNIX socket pre-binding in Red Hat Enterprise Linux OpenSSH client versions

Description

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and input, and may allow some manipulation of the forwarded session.

Affected Products

Vendor | Product | Versions
Red Hat | Red Hat Enterprise Linux | —

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor | Product | Source | Confidence
open source | openssh | cert_advisory | 90%

References

  • https://access.redhat.com/security/cve/CVE-2026-55655 (vdb-entry, x_refsource_REDHAT)
  • https://bugzilla.redhat.com/show_bug.cgi?id=2462250 (issue-tracking, x_refsource_REDHAT)

Related News (3 articles)

Tier A
Microsoft MSRC · 7h ago
CVE-2026-55655 OpenSSH: local MITM of X11 forwarding via abstract UNIX socket pre-binding in Red Hat Enterprise Linux OpenSSH client versions
→ No new info (linked only)

Tier B
BSI Advisories · 5d ago
[NEW] [medium] OpenSSH: Multiple vulnerabilities
→ No new info (linked only)

Tier C
VulDB · 5d ago
CVE-2026-55655 | OpenSSH communication channel to intended endpoints
→ No new info (linked only)

CVSS 3.1: 5.0 NONE
CISA KEV: ❌ No
Actively exploited: ❌ No
CWE: CWE-923
Published: Jun 23, 2026
Last enriched: 5d ago
Trending Score: 35
Source articles: 3
Independent: 3
Info Completeness: 0/14
Missing: cve_id, title, description, vendor, product, versions, cvss, epss, cwe, kev, exploit, patch, iocs, mitre_attack

Related CVEs (5)

  • NONE · CVE-2026-9800 · EXP · Trending: 39
    Keycloak: keycloak policy enforcer: authorization bypass via incorrect URI comparison
  • NONE · CVE-2026-9086 · EXP · Trending: 39
    Keycloak: keycloak: cross-site scripting (XSS) via case-insensitive URI validation bypass
  • NONE · CVE-2026-55653 · Trending: 35
    OpenSSH: double free in Red Hat Enterprise Linux versions of OpenSSH DH-GEX client path during FIPS known-group validation leads to client-side denial of service
  • NONE · CVE-2026-9083 · EXP · Trending: 35
    Keycloak: keycloak: information disclosure through arbitrary filesystem path probing
  • CRITICAL · CVE-2026-12992 · EXP · Trending: 33
    Apicurio/apicurio-registry: apicurio-registry: SSRF via wsdl4j import dereference in WSDL full validation

Verification

State: unverified
Confidence: 0%

Vulnerability Timeline

CVE Published: Jun 23, 2026
Discovered by ZDM: Jun 23, 2026