CPE
CVE-2026-59998 describes an undocumented security-relevant behavior in sshd, a component of OpenSSH, specifically in versions prior to 10.4, where the GSSAPIStrictAcceptorCheck setting reportedly has no value when the server is operating within a Windows Active Directory environment.