๐Ÿ” CVE Alert

CVE-2026-5268

CRITICAL 9.1

SFTP Server Authentication Weakness

CVSS Score
9.1
EPSS Score
0.4%
EPSS Percentile
34th

An authentication bypass vulnerability exists in the default SFTP server component utilized across the Ciena products listed. This vulnerability allows a remote, unauthenticated attacker to bypass security controls and gain unauthorized access to the underlying filesystem. Successful exploitation could allow an attacker to read or modify system files.

CWE CWE-288
Vendor ciena
Product 6500 s-series
Published Jul 6, 2026
Last Updated Jul 8, 2026
Stay Ahead of the Next One

Get instant alerts for ciena 6500 s-series

Be the first to know when new critical vulnerabilities affecting ciena 6500 s-series are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

CIENA / 6500 S-Series
R16.96 and prior
CIENA / 6500 T-Series
R16.1 and prior
CIENA / PTS
R16.1 and prior
CIENA / CPL
R12.63 and prior

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
ciena.com: https://www.ciena.com/product-security