CVE-2025-61984
| CVSS Score | 3.6 |
| EPSS Score | 0.0% |
| EPSS Percentile | 0th |
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)
| CWE | CWE-159 |
| Vendor | openbsd |
| Product | openssh |
| Ecosystems | |
| Industries | Technology |
| Published | Oct 6, 2025 |
| Last Updated | Feb 26, 2026 |
CVSS v3 Breakdown
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
| Attack Vector | Local |
| Attack Complexity | High |
| Privileges Required | Low |
| User Interaction | None |
| Scope | Unchanged |
| Confidentiality | Low |
| Integrity | Low |
| Availability | None |
Affected Versions
OpenBSD / OpenSSH: versions before 10.1
References
openwall.com: https://www.openwall.com/lists/oss-security/2025/10/06/1
marc.info: https://marc.info/?l=openssh-unix-dev&m=175974522032149&w=2
openssh.com: https://www.openssh.com/releasenotes.html#10.1p1
dgl.cx: https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984
openwall.com: http://www.openwall.com/lists/oss-security/2025/10/07/1
openwall.com: http://www.openwall.com/lists/oss-security/2025/10/12/1
vicarius.io: https://www.vicarius.io/vsociety/posts/cve-2025-61984-detection-script-remote-code-execution-vulnerability-affecting-openssh
vicarius.io: https://www.vicarius.io/vsociety/posts/cve-2025-61984-mitigation-script-remote-code-execution-vulnerability-affecting-openssh