Security Weakness in OpenSSH's sshd Server Configuration
CVE-2026-59999
5.9MEDIUM
What is CVE-2026-59999?
A configuration issue exists in the sshd component of OpenSSH versions prior to 10.4, where the setting of 'DisableForwarding=yes' does not properly take precedence over 'PermitTunnel=yes'. This flaw can lead to unexpected behavior in SSH tunneling configurations, potentially allowing unauthorized port forwarding when it should be disabled. Users are advised to review their sshd configuration settings to ensure intended security policies are enforced.
Affected Version(s)
OpenSSH 0 < 10.4