Hashicorp · Terraform · CVE-2026-25499
**Name of the Vulnerable Software and Affected Versions**
Terraform / OpenTofu Provider versions prior to 0.93.1
**Description**
The Terraform / OpenTofu Provider for Proxmox Virtual Environment, prior to version 0.93.1, contains an insecure sudoer line in its SSH configuration documentation. This configuration allows for potential path traversal using '../', enabling modification of any file on the system.
**Recommendations**
Update to version 0.93.1 or later.