Skip to content

CVE-2026-55655

is CVE-2026-55655real, exploitable, or a false positive? Here's the community verdict.

☆ Watch
Medium · CVSS 5EPSS 0.1%CWE-923

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack can compromise the confidentiality of forwarded X11 traffic, including sensitive window contents and input, and may allow some manipulation of the forwarded session.

References

NVD MITRE CVE.org

Published

Embed this verdict
TruePositive verdict for CVE-2026-55655
Markdown
[![TruePositive verdict](https://www.truepositive.app/cve/CVE-2026-55655/badge.svg)](https://www.truepositive.app/cve/CVE-2026-55655)
HTML
<a href="https://www.truepositive.app/cve/CVE-2026-55655"><img src="https://www.truepositive.app/cve/CVE-2026-55655/badge.svg" alt="TruePositive verdict for CVE-2026-55655"></a>

Live badge that updates automatically as the community verdict changes.

Community ground truth

In your experience, is this finding real and exploitable?

0 verdicts
Not a real issue

No account needed. Anonymous verdicts post as an unverified signal. Log in to make yours verified and earn reputation.

Field notes & remediation

Verdicts are the quick signal. Notes are the evidence and fixes behind them.

No notes yet. Be the first to share what you saw, or a fix that worked.

    Add a field note or remediationoptional
    Note type

    What are you adding?

    Markdown supported · minimum 20 characters.