CVE-2026-35386

Summary

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.

Affected Software

VendorProductVersion RangeStatus
OpenBSDOpenSSH0 < 10.3affected

Weaknesses

  • CWE-696: CWE-696 Incorrect Behavior Order

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References