VYPR
Medium severity4.2NVD Advisory· Published Apr 2, 2026· Updated Apr 10, 2026

CVE-2026-35414

CVE-2026-35414

Description

OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

45

Patches

Vulnerability mechanics

References

3

News mentions

2