July 2026 OpenSSH Vulnerabilities in NetApp Products
Summary
OpenSSH versions prior to 10.4 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). <br><br> ONTAP Select Deploy administration utility:<br> Affected by only CVE-2026-60001. Affected products: E-Series SANtricity OS Controller Software, ONTAP Select Deploy administration utility. NetApp reports that one or more additional products remain under investigation; review the canonical advisory for current status. NetApp states there is no workaround available at this time.
What this means
In plain English
OpenSSH versions prior to 10.4 are susceptible to vulnerabilities which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). Successful exploitation of these vulnerabilities could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). <br><br> ONTAP Select Deploy administration utility:<br> Affected by only CVE-2026-60001. Affected products: E-Series SANtricity OS Controller Software, ONTAP Select Deploy administration utility. Information disclosure can expose data available to the affected component beyond its intended authorization boundary.
Vulnerable items
- E-Series SANtricity OS Controller Software — E-Series SANtricity OS Controller Software is a NetApp management component used to administer connected systems or services.
- ONTAP Select Deploy administration utility — NetApp ONTAP is the storage operating system used across NetApp enterprise storage systems.
Recommended action
Vendor mitigation: ONTAP Select Deploy administration utility: Affected by only CVE-2026-60001. No fixed release is recorded in the parsed advisory, so treat these controls as temporary until the vendor confirms a patched release.
Rewritten locally from the scraped official advisory data above; no generative API is used. The vendor advisory is authoritative.
- 10.4
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Fixed versions
No fixed release is recorded yet. That does not prove no patch exists — confirm against the vendor advisory.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Mitigation checklist
- ONTAP Select Deploy administration utility: Affected by only CVE-2026-60001.
Official advisory · high-confidence parse· fetched 3 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.