VDB
TNCVE-2026-35414
TNCVE-2026-35414
PUBLISHED
OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.
Exploit Intelligence
- CVE-2026-35414 Vuln block (github-poc-repo)
- CVE-2026-35414 Vuln block (github-poc)
- poc.py (github-poc)
- package.py (github-poc)
Timeline
- Apr 2, 2026 CVE Published
References
- Tenable: CVE-2026-35414 advisory