@Madhuri: AES-GCM is supported since WinSCP 6.0 only:
https://winscp.net/eng/docs/history?a=6.0

Currently we are using WinSCP 5.9.4 and we have a vendor request to ensure that our SFTP application is configured to use aes128-gcm@openssh.com and aes256-gcm@openssh.com. Could you please let me know which version of WinSCP support these.

@KeithInSac: Move the ciphers, you do not want to use, below the "warn below here" line.
You can then choose to reject the connection, if there's no cipher, you are willing to use, available.

I can see that I can the option reorder/prioritize SSH Encryption Ciphers in the Advanced Site Settings | SSH | Encryption Options. But, to ensure client-server handshake using FIPS 140-2 approved ciphers, I'd like to disable ciphers locally. I can't control external data services providers, but I can, hopefully, control what I'm willing to negotiate to. Is this possible?

I have documented algorithms supported by the latest version of WinSCP at:
https://winscp.net/eng/docs/ssh_algorithms
You should upgrade to the latest version in any case.

Anyway, 5.7.6 supports the same set of algorithms, except for those added in 5.8.1:
https://winscp.net/eng/docs/history?a=5.8.1
(though there was no change in set of supported ciphers, except for change in their preference order in 5.8.3)

Is there a document that lists which ciphers are supported by versions of WinSCP? We are currently running version 5.7.6 and one of our vendors is going to restrict the type of ciphers that can be used to communicate with them.

Thanks.