CVE-2026-59999

Summary

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.

Affected Software

VendorProductVersion RangeStatus
OpenBSDOpenSSH0 < 10.4affected

Weaknesses

  • CWE-348: CWE-348 Use of Less Trusted Source

References