What is the CVSS score of EUVD-2026-31397?

EUVD-2026-31397 has a CVSS 3.x base score of 9.1 (N/A). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H. EPSS exploitation probability: 0.0%.

Is there a patch available for EUVD-2026-31397?

Yes, a patch is available for EUVD-2026-31397. Update the affected software to the latest version immediately.

Golang EUVD-2026-31397

| CVE-2026-39830

2026-05-22 Go

Denial Of Service Golang SSH Golang Org X Crypto Ssh

9.1

CVSS

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Lifecycle Timeline

Patch available

May 22, 2026 - 04:31 EUVD

CVE Published

May 22, 2026 - 02:31 nvd

UNKNOWN (no severity yet)

DescriptionNVD

A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

EUVD-2026-31397 vulnerability details – vuln.today

Back

Golang EUVD-2026-31397

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Full analysis requires sign-in

Share

External POC / Exploit Code