Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-39835)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-39835 advisory. - SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or...

Linux Distros Unpatched Vulnerability : CVE-2026-39835

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a...

SUSE CVE-2026-39835

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...

EUVD-2026-31393

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...

CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil...

PT-2026-42714

Name of the Vulnerable Software and Affected Versions SSH servers affected versions not specified Description SSH servers using CertChecker as a public key callback may experience a panic when a client presents a certificate if IsUserAuthority or IsHostAuthority are not set. A panic is a critical...