CVE-2026-59999

Published Jul 8, 2026

Last updated 2 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-59999 describes a vulnerability found in OpenSSH versions prior to 10.4. The flaw exists within the `sshd` component, where the configuration setting `DisableForwarding=yes` was intended to take precedence over `PermitTunnel=yes`, but failed to do so. This oversight means that even when `DisableForwarding` was enabled to prevent SSH tunneling, the presence of `PermitTunnel=yes` could still allow for the establishment of tunnels. This misconfiguration could lead to unauthorized use of SSH tunneling capabilities, potentially enabling an attacker to bypass network restrictions or perform actions that should have been prohibited. The vulnerability is categorized under CWE-348, which refers to the use of a less trusted source in decision-making logic.

Description
In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.
Source
cve@mitre.org
NVD status
Analyzed
Products
openssh

Risk scores

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity
HIGH

Weaknesses

cve@mitre.org
CWE-348

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

4

Configurations