OpenSSH Vulnerability Exposes Servers to Root Access for 15 Years
A critical vulnerability in OpenSSH, identified as CVE-2026-35414, has been discovered; it affects versions released over the past 15 years. The flaw allows attackers to gain a full root shell on affected servers by exploiting a mishandling of the authorized_keys principals option. The issue arises when a comma in an SSH certificate principal name is misinterpreted, enabling a user who holds a valid certificate from a trusted CA to authenticate as root. The vulnerability, which carries a CVSS score of 8.1, was identified by the cybersecurity firm Cyera. Exploitation does not produce authentication-failure entries in the server logs, so log-based detection is unreliable. The vulnerability was patched in OpenSSH version 10.3, released in early April 2026.
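The two defensive checks a practitioner would want after reading the above are (a) whether a given sshd build is at or past the patched release, and (b) whether any principal name a CA is about to sign contains a comma, the character the article identifies as the trigger. The script below, an added example that is not from the article, from Cyera, or from the OpenSSH project, implements both, together with a small parser that lists which authorized_keys entries trust a CA and which principals they name. It assumes the OpenSSH version string format `OpenSSH_<major>.<minor>...`, a fixed list of common key types, and a principal-name policy (no commas, whitespace or quotes) that is this example's own choice rather than anything the article specifies. The authorized_keys content is constructed for the example.

```python
import re

# Common OpenSSH key types; used to tell a bare key line from one that
# starts with an options field (assumption: not an exhaustive list).
KEY_TYPES = {
    "ssh-ed25519", "ssh-rsa", "ecdsa-sha2-nistp256", "ecdsa-sha2-nistp384",
    "ecdsa-sha2-nistp521", "sk-ssh-ed25519@openssh.com",
    "sk-ecdsa-sha2-nistp256@openssh.com",
}

# Constructed sample authorized_keys content (not taken from the article).
SAMPLE_AUTHORIZED_KEYS = """\
# constructed sample: one CA trust line and one plain user key
cert-authority,principals="deploy,ops" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleCAKey ca@example
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIExampleUserKey user@example
"""


def _split_leading_options(line):
    """Return (options_text, rest): options end at the first unquoted whitespace."""
    in_quotes = False
    for i, ch in enumerate(line):
        if ch == '"' and (i == 0 or line[i - 1] != "\\"):
            in_quotes = not in_quotes
        elif ch.isspace() and not in_quotes:
            return line[:i], line[i:].lstrip()
    return line, ""


def parse_options(text):
    """Parse an authorized_keys options field into a dict (flags map to True)."""
    opts = {}
    if not text:
        return opts
    items, buf, in_quotes = [], [], False
    for ch in text:
        if ch == '"':
            in_quotes = not in_quotes
        elif ch == "," and not in_quotes:
            items.append("".join(buf))
            buf = []
            continue
        buf.append(ch)
    items.append("".join(buf))
    for item in items:
        item = item.strip()
        if not item:
            continue
        if "=" in item:
            key, value = item.split("=", 1)
            opts[key.lower()] = value.strip('"')
        else:
            opts[item.lower()] = True
    return opts


def parse_authorized_keys(text):
    """Return a list of {options, keytype, key, comment} dicts, skipping comments."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        first = line.split(None, 1)[0]
        if first in KEY_TYPES:
            options_text, rest = "", line
        else:
            options_text, rest = _split_leading_options(line)
        parts = rest.split(None, 2)
        if len(parts) < 2:
            continue
        entries.append({
            "options": parse_options(options_text),
            "keytype": parts[0],
            "key": parts[1],
            "comment": parts[2] if len(parts) == 3 else "",
        })
    return entries


def principals_from_options(options):
    """sshd treats the principals= value as a comma-separated list of names."""
    return [p for p in options.get("principals", "").split(",") if p]


def check_principal_name(name):
    """CA-side policy (this example's assumption): refuse to sign names that
    contain a comma, whitespace or quotes, since a comma is the character the
    advisory identifies as being misinterpreted."""
    if not name:
        return False, "empty principal name"
    if "," in name:
        return False, "comma in principal name"
    if any(ch.isspace() for ch in name) or '"' in name:
        return False, "whitespace or quote in principal name"
    return True, "ok"


def version_is_patched(version_string):
    """True when the OpenSSH version is 10.3 or later (the fixed release)."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)", version_string)
    if not m:
        return False
    return (int(m.group(1)), int(m.group(2))) >= (10, 3)


if __name__ == "__main__":
    for entry in parse_authorized_keys(SAMPLE_AUTHORIZED_KEYS):
        if entry["options"].get("cert-authority"):
            print("CA trust line:", entry["comment"],
                  "principals:", principals_from_options(entry["options"]))
    for candidate in ("deploy", "ops,root"):
        print(candidate, check_principal_name(candidate))
    print("OpenSSH_10.3p1 patched:", version_is_patched("OpenSSH_10.3p1"))
```

Run it against the real file with `parse_authorized_keys(open("/root/.ssh/authorized_keys").read())` and feed `ssh -V` output (printed on stderr) to `version_is_patched`. The version check compares upstream numbers only; distributions that backport the fix into an older package will report an older version and need to be checked against their own advisories instead. The principal-name policy belongs in the CA's signing pipeline, in front of `ssh-keygen -s`, because the article places the problematic comma in the certificate's principal, not in authorized_keys.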