< BACK TO NEWS
importantSYS.SOURCE: Tailscale Security Bulletins2026-07-15T01:08:26Z

Tailscale SSH Insecure Argument Handling Allows Root Access Violation

Tailscale SSH contained a vulnerability allowing root access via insecure command-line argument handling, bypassing ACL restrictions. The issue was resolved in version 1.98.9 by rejecting usernames with leading dashes.

Comments

Read original article

*** END OF TRANSMISSION ***

> GERMAN CLIMATE REPORT PROJECTS 3°C WARMING BY 2050: ANALYSIS OF NEW PROJECTIONS> TAILSCALE SSH INSECURE ARGUMENT HANDLING ALLOWS ROOT ACCESS VIOLATION> OPENAI RESEARCHER MILES WANG EXPLORES LAUNCH OF AI-DRIVEN DRUG DISCOVERY STARTUP> DATA CENTERS' ELECTRICITY COST INCREASES IMPOSED ON PUBLIC VIA $23 BILLION SURCHARGE> SOLVING 27 ERDŐS PROBLEMS USING PARALLEL AI-DRIVEN LEAN 4 AGENTS> VANCOUVER POLICE DEPARTMENT LAUNCHES QUICK ESCAPE FEATURE FOR WEBSITE PRIVACY> LORDE CRITICIZES META'S AI GLASSES AS 'NOT SEXY' AND RAISES PRIVACY CONCERNS> TRAINING A JEPA WORLD MODEL ON SUPER MARIO BROS FOR DYNAMIC PREDICTION AND PLANNING> OPENAI'S SCREENLESS, MOBILE AI SPEAKER WITH AUTONOMOUS MOVEMENT REVEALED> OPENAI DENIES ALLEGATIONS IN APPLE'S TRADE SECRET LAWSUIT> GERMAN CLIMATE REPORT PROJECTS 3°C WARMING BY 2050: ANALYSIS OF NEW PROJECTIONS> TAILSCALE SSH INSECURE ARGUMENT HANDLING ALLOWS ROOT ACCESS VIOLATION> OPENAI RESEARCHER MILES WANG EXPLORES LAUNCH OF AI-DRIVEN DRUG DISCOVERY STARTUP> DATA CENTERS' ELECTRICITY COST INCREASES IMPOSED ON PUBLIC VIA $23 BILLION SURCHARGE> SOLVING 27 ERDŐS PROBLEMS USING PARALLEL AI-DRIVEN LEAN 4 AGENTS> VANCOUVER POLICE DEPARTMENT LAUNCHES QUICK ESCAPE FEATURE FOR WEBSITE PRIVACY> LORDE CRITICIZES META'S AI GLASSES AS 'NOT SEXY' AND RAISES PRIVACY CONCERNS> TRAINING A JEPA WORLD MODEL ON SUPER MARIO BROS FOR DYNAMIC PREDICTION AND PLANNING> OPENAI'S SCREENLESS, MOBILE AI SPEAKER WITH AUTONOMOUS MOVEMENT REVEALED> OPENAI DENIES ALLEGATIONS IN APPLE'S TRADE SECRET LAWSUIT