CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

EUVD-2026-31400

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

CVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

CVE-2026-39827

An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected users. Rejected channels are now properly removed from the connection's internal state and released for...

CVE-2026-39830

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

CVE-2026-46598

CVE-2026-46598: Several connected sources confirm that for certain crafted inputs, a golang.org/x/crypto/ssh/agent workflow can cast malformed wire bytes into an ed25519.PrivateKey, causing a panic when the key is used. The description is consistent across NVD, Debian, CIRCL, and OSV entries, ind...

CVE-2026-39830

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

CVE-2026-39830

CVE-2026-39830 describes a vulnerability in golang.org/x/crypto/ssh where a malicious SSH peer can send unsolicited global request responses to fill an internal buffer, causing the connection read loop to block. The blocked goroutine cannot be released by Close(), leading to a per-connection reso...

CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...

CVE-2026-39835

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...

EUVD-2026-31393

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...

CVE-2026-39828

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

CVE-2026-39828

CVE-2026-39828 affects the SSH handling in golang.org/x/crypto/ssh. When an SSH server authentication callback returns PartialSuccessError with non-nil Permissions, the permissions are discarded, potentially bypassing certificate restrictions (e.g., force-command) after 2FA. Returning non-nil Per...

GO-2026-5017 Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...

GO-2026-5014 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

GO-2026-5033 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

RockyLinux 9 : cockpit: Unauthenticated remote code execution due to SSH command-line argument injection (Critical) (RLSA-2026:7384)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:7384 advisory. cockpit: ws: be more explicit when handling hostnames on cli CVE-2026-4631 Tenable has extracted the preceding description block directly from the RockyLinux...

RockyLinux 9 : openssh (RLSA-2025:23480)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:23480 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in ssh://...

Dell PowerFlex Manager 加密问题漏洞

Dell PowerFlex Manager is a software-defined infrastructure deployment and lifecycle management platform developed by the American company Dell. Versions of Dell PowerFlex Manager prior to 4.6.2 contained an encryption vulnerability. This vulnerability stemmed from the use of defective or high-ri...