A critical vulnerability (CVE-2026-45695, CVSS 9.8) was disclosed affecting Kopia, the open-source backup and restore tool, allowing attackers to achieve unauthenticated remote code execution via SSH command-line argument injection. Due to the potential for full system compromise without any authentication, immediate patching is required.

Technical Overview

The issue originates from Kopia’s HTTP server API endpoint /api/v1/repo/exists, where insufficient input validation on SFTP storage configuration fields leads to SSH ProxyCommand injection. When the Kopia server is started with the –without-password flag and the repository backend uses SFTP with external SSH enabled, user-supplied fields are passed directly into an SSH command line. The code splits incoming arguments using only literal space characters and completely lacks a proper tokenizer, quote handling controls, or strict input validation allowlists. By sending a single crafted HTTP request containing -oProxyCommand=<cmd> tokens in the storage configuration fields, attackers can force OpenSSH to execute arbitrary shell commands before any network connection is attempted, completely bypassing the intended SFTP workflow.

No authentication is required to exploit this issue. The attack requires only that the Kopia server be reachable over the network and running in passwordless mode, a configuration that some administrators use for convenience in internal environments.

Affected Versions and Environments

The following components are affected: Kopia HTTP server, versions 0.22.3 and earlier. Kopia is widely used by individuals, enterprises, and managed service providers for backing up data to cloud storage (S3, GCS, Azure Blob), SFTP servers, and local filesystems. Environments where the Kopia server is started with –without-password and bound to non-loopback interfaces are directly exploitable, particularly when the SFTP backend with external SSH is configured. Self-hosted Kopia deployments behind reverse proxies without additional authentication layers are also at risk.

Remediation Guidance

Users should upgrade to version 0.23.0 or later immediately. Version 0.23.0 introduces a breaking change that prevents the server from starting with –insecure and –without-password on non-loopback interfaces. Administrators who cannot upgrade immediately should ensure that Kopia servers are not exposed on non-loopback interfaces without authentication, bind the server to localhost (127.0.0.1) only, and place any externally-accessible Kopia instances behind an authenticating reverse proxy. An escape hatch flag (–allow-extremely-dangerous-unauthenticated-server-on-the-network) exists for isolated environments, but its use is strongly discouraged.

Current Threat Status

At the time of writing, the vulnerability was responsibly disclosed by security researcher Daniele Berardinelli, and the fix has been merged via GitHub PR #5354 with an associated GitHub Security Advisory (GHSA-2q4c-3mrw-63c3). No public proof-of-concept exploit code has been identified, though the simplicity of the attack vector (a single HTTP request) means weaponization is straightforward. Regardless, the severity and ease of exploitation make this vulnerability high risk, especially in internet-facing deployments. Successful exploitation could allow attackers to execute arbitrary commands as the Kopia process user, access or exfiltrate all backup data managed by the server, and potentially pivot to compromise additional infrastructure, leading to service disruption, data exposure, or full infrastructure compromise.

How can Orca help?

Orca enables customers to quickly identify assets running vulnerable versions of Kopia, understand their exposure in context — including internet accessibility, runtime reachability, and asset criticality — and prioritize remediation based on real risk rather than CVSS alone. Orca’s platform highlights affected assets directly in the newItem view, helping security teams focus on the most critical remediation paths first.