CVE-2026-60002: openssh: OpenSSH: Use-after-free vulnerability during host key re-exchange on the client side

Severity: Critical

CVSS Score: 9.4

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)