CVE-2026-35386
ADVISORY - nistSummary
In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in ssh_config.
Common Weakness Enumeration (CWE)
ADVISORY - nist
Incorrect Behavior Order
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in