OpenSSH Patches a 15-Year-Old Comma-Parsing Bug That Could Promote Certificate Holders to Root
CVE-2026-35414 lets a comma in an SSH certificate principal slip past authorized_keys access controls, granting root on vulnerable servers. OpenSSH 10.3 ships the fix.
4 min read6 sources