MEDIUM

CVE-2026-39833 Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-46595 Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-39828 Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-39835 Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-39831 Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026

MEDIUM

CVE-2026-39830 Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh

Microsoft Security Response Center • May 27, 2026