Do someone of you use OpenSSH?
The Qualys Threat Research Unit (TRU) has discovered a remote code execution vulnerability in OpenSSH’s forwarded ssh-agent.
This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent.
Given the widespread use of OpenSSH’s forwarded ssh-agent Qualys Research Unit recommends that security teams apply patches for this vulnerability on priority.[1]
Since it was drafted and a patch was sent on 06/07/2023 - you can now patch it.
[1] Blog Qualys : CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent