CVE-2026-46333 — 'ssh-keysign-pwn': SSH key theft and root credentials via ptrace race condition
A 9-year-old flaw in the Linux kernel's __ptrace_may_access() function allows an unprivileged local user to read SSH host private keys and the /etc/shadow password database. CVSS 5.5, public exploits available. Patches available.
Read more →