Security · 1h ago
Tailscale SSH bug allowed root access via insecure argument handling
Tailscale disclosed a vulnerability (TS-2026-009) in its SSH feature that could let attackers gain root access through improper argument handling. The bug affects all versions prior to the latest patch. Users are urged to update immediately to prevent potential privilege escalation.
Meridian48 take
While Tailscale responded quickly, the severity of a root-access bug in a widely used remote-access tool underscores the need for rigorous input validation in SSH implementations.
Read the full reporting
TS-2026-009: Insecure argument handling in Tailscale SSH permitted root access →
Hacker News
tailscalessh-vulnerability