PT-2025-40940 · Openbsd+10 · Openssh+10

·

CVE-2025-61985

·

Published

2025-10-06

·

Updated

2026-04-06

CVSS v3.1

3.6

Low

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 10.1
Description OpenSSH contains a flaw where the '0' character within an ssh:// URI can be processed, potentially leading to code execution when a ProxyCommand is utilized. This occurs because the presence of a null byte allows for manipulation of the command execution process.
Recommendations Update to OpenSSH version 10.1 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

ALSA-2025:23479
ALSA-2025:23480
ALSA-2025:23481
AZL-68228
AZL-68292
BDU:2025-12566
CVE-2025-61985
ECHO-C49B-D8DD-91E2
JLSEC-2025-8
MGASA-2026-0059
OESA-2025-2582
OESA-2025-2583
OESA-2025-2584
OESA-2025-2585
OESA-2025-2586
OESA-2025-2646
OPENSUSE-SU-2025:20122-1
RHSA-2026:0693
RHSA-2026:0976
RHSA-2026:1678
RHSA-2026:1790
RHSA-2026:1815
RHSA-2026:5475
SUSE-SU-2025:21044-1
SUSE-SU-2025:21128-1
SUSE-SU-2025:21161-1
SUSE-SU-2025:4067-1
SUSE-SU-2025:4098-1
SUSE-SU-2025:4112-1
SUSE-SU-2026:20662-1
USN-8090-1
USN-8090-2

Affected Products

Almalinux
Centos
Debian
Ibm Aix
Linuxmint
Openssh
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu