Lucene search
K

149 matches found

Github Security Blog
Github Security Blog
added 2026/06/25 10:14 p.m.8 views

golang.org/x/crypto vulnerable to invoking bypass of certificate restrictions

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

8.8CVSS6AI score0.00314EPSS
Exploits0References28Affected Software1
NVD
NVD
added 2026/06/25 7:16 p.m.9 views

CVE-2026-28898

swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. swift-nio-http2 1.44.1 adds validation of all pseudo-header values :path, :authority, :scheme, :method, and :status at both the HPACK...

5.3CVSS0.00192EPSS
Exploits0References1
CVE
CVE
added 2026/06/25 6:36 p.m.56 views

CVE-2026-28898

CVE-2026-28898 concerns swift-nio-http2, where the HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before translating to HTTP/1.1. The issue is addressed in swift-nio-http2 1.44.1, which adds validation for all pseudo-header values (:path, :authority, :scheme...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 6:36 p.m.7 views

CVE-2026-28898

swift-nio-http2's HTTP/2-to-HTTP/1.1 codec did not validate pseudo-header values for control characters before placing them into the translated HTTP/1.1 message. swift-nio-http2 1.44.1 adds validation of all pseudo-header values :path, :authority, :scheme, :method, and :status at both the HPACK...

5.3CVSS5.8AI score0.00192EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.12 views

CVE-2026-39828

A flaw was found in golang.org/x/crypto/ssh. A remote attacker could exploit this vulnerability when an SSH server authentication callback returned a PartialSuccessError with non-nil permissions. This flaw caused these permissions to be silently discarded, potentially bypassing certificate...

8.8CVSS5.4AI score0.00314EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/23 1:29 a.m.22 views

SUSE CVE-2026-39828

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

8.1CVSS5.8AI score0.00314EPSS
Exploits0References27
NVD
NVD
added 2026/05/22 4:16 a.m.14 views

CVE-2026-39828

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

8.8CVSS0.00314EPSS
Exploits0References26
OSV
OSV
added 2026/05/22 2:31 a.m.2 views

CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

6.3CVSS6AI score0.00314EPSS
Exploits0References29
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:31 a.m.8 views

CVE-2026-39828

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

5.8AI score0.00314EPSS
Exploits0References5
OSV
OSV
added 2026/05/22 2:8 a.m.7 views

GO-2026-5014 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError...

8.8CVSS5.8AI score0.00314EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hciconn: now returns ERRPTR instead of NULL when there is no link. Currently, hciconnectsco returns NULL when there is no link i.e., when hciconnlink returns NULL. scoconnect expects ERRPTR in case of any error see...

5.4AI score0.00152EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/07 2:17 a.m.17 views

SUSE CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 12:16 p.m.13 views

CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS0.00523EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2026/05/06 11:28 a.m.15 views

CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS5.7AI score0.00523EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.8 views

CVE-2026-43226

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

5.8AI score0.00523EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2026/05/06 11:28 a.m.50 views

CVE-2026-43226

The CVE-2026-43226 issue affects the Linux kernel Reliable Datagram Sockets (RDS). A state-machine bug allowed an RDS_CONN_ERROR to bypass the proper shutdown path via a shortcut through RDS_CONN_CONNECTING, created by RDS/TCP multipath changes. This could leave a connection stuck in shutdown-que...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2026/05/06 11:28 a.m.3 views

CVE-2026-43226 net/rds: No shortcut out of RDS_CONN_ERROR

In the Linux kernel, the following vulnerability has been resolved: net/rds: No shortcut out of RDSCONNERROR RDS connections carry a state "rdsconnpath::cpstate" and transitions from one state to another and are conditional upon an expected state: "rdsconnpathtransition." There is one exception t...

7.5CVSS6.5AI score0.00523EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.17 views

PT-2026-37566

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Reliable Delivery Service RDS implementation where a shortcut was introduced allowing connections to transition from RDS CONN ERROR directly back to RDS CONN...

7.5CVSS5.8AI score0.00523EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.13 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bypassing the RDSCONNERROR state during the handling of RDS connection status. This may lead to abnorma...

7.5CVSS5.8AI score0.00523EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/02/19 12:28 a.m.7 views

SUSE CVE-2025-71227

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't WARN for connections on invalid channels It's not clear to me how exactly syzbot managed to hit this, but it seems conceivable that e.g. regulatory changed and has disabled a channel between scanning channel...

5.5CVSS5.7AI score0.001EPSS
Exploits0References3
Rows per page
Query Builder