Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
https://www.sudo.ws/security/advisories/
https://www.sudo.ws/releases/changelog/
https://www.stratascale.com/vulnerability-alert-CVE-2025-32462-sudo-host