Skip to main content

golang.org/x/crypto CVE-2026-39833

| EUVDEUVD-2026-31389 CRITICAL
Missing Authorization (CWE-862)
2026-05-22 Go GHSA-jppx-rxg9-jmrx
9.1
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.1 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
SUSE
CRITICAL
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

4
Analysis Generated
May 28, 2026 - 15:07 vuln.today
CVSS changed
May 28, 2026 - 15:07 NVD
9.1 (None) 9.1 (CRITICAL)
Patch available
May 22, 2026 - 04:31 EUVD
CVE Published
May 22, 2026 - 02:31 nvd
UNKNOWN (no severity yet)

DescriptionCVE.org

The in-memory keyring returned by NewKeyring() silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring() now returns an error when unsupported constraints are requested.

AnalysisAI

Authentication bypass in Go's golang.org/x/crypto/ssh/agent in-memory keyring (versions before 0.52.0) allows SSH key signing operations to proceed without the intended ConfirmBeforeUse user confirmation prompt. Applications that relied on this constraint to gate sensitive signing actions effectively had no protection, with no error returned to indicate the constraint was silently ignored. No public exploit identified at time of analysis and EPSS is very low (0.02%), but SSVC rates technical impact as total.

Technical ContextAI

The vulnerability lives in the agent.NewKeyring() implementation of the golang.org/x/crypto/ssh/agent package, which provides an in-memory SSH agent keyring used by Go programs that implement or embed an ssh-agent. SSH agent key constraints (RFC 4251 / draft-miller-ssh-agent) allow callers to attach restrictions to a key such as ConfirmBeforeUse, which is supposed to require an out-of-band confirmation before each signing operation. The CPE confirms the affected component is cpe:2.3:a:golang.org/x/crypto:golang.org/x/crypto/ssh/agent. CWE-862 (Missing Authorization) describes the root cause: the keyring accepted the constraint at AddKey time but the Sign path never consulted or enforced it, so the authorization check that callers expected was simply absent.

RemediationAI

Vendor-released patch: upgrade golang.org/x/crypto to 0.52.0 or later (run 'go get golang.org/x/crypto@v0.52.0' and rebuild affected binaries), tracked in the upstream issue at https://go.dev/issue/79436 with fixes in https://go.dev/cl/778640 and https://go.dev/cl/778641 and announced at https://groups.google.com/g/golang-announce/c/a082jnz-LvI. After upgrading, NewKeyring() now returns an error when an unsupported constraint such as ConfirmBeforeUse is requested, so audit calling code to handle that error and either implement confirmation out-of-band or refuse to add the key. Until the upgrade can be deployed, do not rely on ConfirmBeforeUse as a security boundary in the in-memory keyring - instead remove keys requiring confirmation from the keyring, gate signing in the calling application layer, or restrict agent socket exposure to trusted local processes only; the trade-off is loss of per-use confirmation UX that some workflows depend on.

Vendor StatusVendor

SUSE

Severity: Critical
Product Status
openSUSE Leap 16.0 Fixed
openSUSE Tumbleweed Fixed
SLES15-SP6-CHOST-BYOS-GCE Fixed
SLES15-SP7-CHOST-BYOS-GCE Fixed
SUSE Linux Enterprise Desktop 15 SP7 Fixed

Share

CVE-2026-39833 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy