CVE-2025-61985
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
CVSS
3.6
Low
EPSS
0.1%
p2
KEV
—
Exploit Today
1
0-100
Published: Oct 6, 2025 · Last modified: Jul 14, 2026 · CWE-158
0.1%EPSS · 30 days0.1%
2026-06-302026-07-16
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.
No related CVEs by CWE or product.