Tenable scanner reports a vulnerable OpenSSH version on Aria Operations for logs because the version is less than 10.3.

Aria Operations for Logs 8.18.6

The scanner shows the reference to CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388 and CVE-2026-35414 from Nessus Plugin ID 306743 and is detecting a version of OpenSSH less than the recommended version of OpenSSH for these two vulnerabilities.

VMware By Broadcom is aware of CVE-2026-35385, CVE-2026-35386, CVE-2026-35387, CVE-2026-35388 and CVE-2026-35414.
Refer to the release notes for existing and forthcoming product releases for any updates in relation to these CVEs.
Should you require further information please contact Broadcom Support.