TS-2026-009: Insecure argument handling in Tailscale SSH permitted root access
Summary
Tailscale’s Security Bulletin TS-2026-009 documents insecure command line argument handling in Tailscale SSH that could allow an attacker to gain a root session, bypassing ACL restrictions. The issue has been fixed in version 1.98.9 or newer, with remediation guidance to upgrade. The article provides the incident details, affected scope, and recommended actions for administrators.