Improper access control in OpenSSH - CVE-2026-59999
Published: July 15, 2026
OpenSSH
Detailed vulnerability description
The vulnerability allows a remote user to enable tunneling despite forwarding restrictions.
The vulnerability exists due to improper access control in sshd(8) when DisableForwarding=yes and PermitTunnel=yes are configured together. A remote privileged user can use tunneling despite forwarding restrictions to enable tunneling despite forwarding restrictions.
Exploitation requires configurations where PermitTunnel is enabled.