VDB

TNCVE-2026-35386

TNCVE-2026-35386 PUBLISHED

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.

Timeline

  • Apr 2, 2026 CVE Published

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›