CVE-2026-35387 identifies a vulnerability in OpenSSH versions before 10.3 related to the handling of ECDSA algorithms in authentication configuration. Specifically, when administrators specify any ECDSA algorithm in the PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms settings, the software erroneously interprets this as acceptance of all ECDSA algorithms rather than the intended subset. This behavior is due to an always-incorrect control flow implementation, classified under CWE-670, which refers to logic errors that cause unintended execution paths. The consequence is that unintended or potentially weaker ECDSA algorithms may be accepted during SSH authentication, potentially weakening the cryptographic assurance of the connection. The vulnerability does not require user interaction, but does require network access and low privileges to exploit, with a high attack complexity. The CVSS v3.1 base score is 3.1, reflecting a low severity primarily due to limited impact on confidentiality and availability, and the requirement for specific conditions to exploit. No public exploits or active exploitation have been reported. The issue is resolved in OpenSSH version 10.3, where the algorithm parsing and enforcement logic has been corrected to properly restrict accepted ECDSA algorithms as configured by administrators.

The primary impact of this vulnerability is a potential weakening of authentication integrity in OpenSSH connections by allowing unintended ECDSA algorithms to be accepted. This could enable attackers to exploit weaker cryptographic algorithms if they are supported by the client or server, potentially facilitating man-in-the-middle attacks or unauthorized access under certain conditions. However, the vulnerability does not directly affect confidentiality or availability of the SSH service. The requirement for network access and low privileges, combined with high attack complexity, limits the likelihood of widespread exploitation. Organizations relying on OpenSSH for secure remote access, especially those with strict cryptographic compliance requirements, may face increased risk of authentication bypass or reduced cryptographic strength until patched. The absence of known exploits in the wild reduces immediate risk but does not eliminate the need for remediation.

To mitigate CVE-2026-35387, organizations should upgrade OpenSSH installations to version 10.3 or later, where the algorithm acceptance logic has been corrected. Until upgrading is possible, administrators should avoid specifying ECDSA algorithms in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms configurations to prevent unintended acceptance of all ECDSA algorithms. Additionally, auditing current SSH configurations to identify and remove any ECDSA algorithm listings can reduce exposure. Employing strict cryptographic policies that prefer stronger algorithms such as Ed25519 or RSA with adequate key sizes can further mitigate risk. Monitoring SSH authentication logs for unusual algorithm negotiation patterns may help detect attempts to exploit this vulnerability. Finally, maintaining an up-to-date inventory of OpenSSH versions deployed across infrastructure and applying security patches promptly is essential to prevent exploitation.