Skip to main content

Golang Org X Crypto Ssh

9 CVEs product

Monthly

CVE-2026-46595 Go CRITICAL PATCH GHSA Act Now

Authorization bypass in the Go golang.org/x/crypto/ssh package before version 0.52.0 allows remote attackers to circumvent source-address restrictions when SSH server configurations use callback authentication types other than public key. This is an incomplete-fix follow-up to CVE-2024-45337, which only addressed the public-key callback path while leaving other callback types vulnerable to the same source-address validation skip. No public exploit identified at time of analysis, EPSS is very low at 0.02%, and SSVC indicates no observed exploitation though the issue is automatable with partial technical impact.

Authentication Bypass Golang Org X Crypto Ssh
NVD VulDB
CVSS 3.1
10.0
EPSS
0.0%
CVE-2026-39834 Go CRITICAL PATCH GHSA Act Now

Denial of service in the Go golang.org/x/crypto/ssh package (versions prior to 0.52.0) occurs when an application writes more than 4GB of data in a single Write call on an SSH channel, triggering an integer overflow in the internal payload size calculation that causes the write loop to spin indefinitely while emitting empty packets. The flaw affects any Go application using this SSH library for large data transfers and is patched upstream with a release in version 0.52.0; no public exploit identified at time of analysis and EPSS probability is very low at 0.02%.

Buffer Overflow Integer Overflow Golang Org X Crypto Ssh Suse
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-39831 Go CRITICAL PATCH GHSA Act Now

Authentication bypass in the Go x/crypto/ssh library (versions before 0.52.0) allows SSH servers to accept FIDO/U2F security key signatures that were generated without the required physical user touch. The Verify() method for sk-ecdsa-sha2-nistp256@openssh.com and sk-ssh-ed25519@openssh.com key types failed to check the User Presence flag, enabling unattended use of stolen or relayed hardware-token signatures. No public exploit identified at time of analysis and EPSS is very low (0.01%), but SSVC rates technical impact as total with automatable exploitation.

SSH Authentication Bypass Golang Org X Crypto Ssh Suse
NVD VulDB
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-39829 Go HIGH POC PATCH GHSA This Week

Denial of service in the Go golang.org/x/crypto/ssh library before version 0.52.0 allows unauthenticated remote attackers to exhaust CPU on SSH servers by submitting crafted RSA or DSA public keys with oversized parameters during public key authentication. EPSS is very low (0.03%) and there is no public exploit identified at time of analysis, but the bug is trivial to trigger and the fix has been published by the Go team in CL 781641/781661.

Jwt Attack Information Disclosure Golang Org X Crypto Ssh
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-39830 Go CRITICAL POC PATCH GHSA Act Now

Resource exhaustion in the Go golang.org/x/crypto/ssh package allows a malicious SSH peer to leak goroutines and memory by sending unsolicited global request responses that fill an internal buffer and block the connection's read loop. Affected versions are below 0.52.0, and even calling Close() fails to release the blocked goroutine, enabling per-connection resource leaks against any Go application using this library as an SSH client or server. There is no public exploit identified at time of analysis, and the EPSS score of 0.02% (4th percentile) indicates very low observed exploitation interest despite the high CVSS rating.

Buffer Overflow Golang Org X Crypto Ssh
NVD VulDB GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-39827 Go MEDIUM POC PATCH GHSA This Month

Unbounded memory growth in the golang.org/x/crypto/ssh package allows an authenticated remote attacker to crash the SSH server process by repeatedly opening channels that the server rejects. All versions of golang.org/x/crypto/ssh prior to 0.52.0 are affected, and a successful attack disrupts service for every user connected to that server instance. No public exploit has been identified at time of analysis, and EPSS probability sits at 0.02% (5th percentile), though the authentication barrier is low and the availability impact affects all concurrent sessions.

Denial Of Service Golang Org X Crypto Ssh
NVD VulDB GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-39835 Go MEDIUM POC PATCH GHSA This Month

Unauthenticated remote clients can crash SSH servers built with golang.org/x/crypto/ssh by presenting a certificate during the handshake when CertChecker is used as a public key callback without initializing IsUserAuthority or IsHostAuthority. All versions prior to 0.52.0 are affected; the nil function pointer dereference causes a Go runtime panic that terminates the SSH service. No public exploit code has been identified and EPSS places exploitation probability at the 1st percentile (0.01%), though the attack requires no authentication and low complexity per the CVSS vector.

Information Disclosure Golang Org X Crypto Ssh
NVD VulDB GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-39828 Go MEDIUM POC PATCH GHSA This Month

SSH certificate permission enforcement in golang.org/x/crypto/ssh fails silently during multi-factor authentication flows, allowing authenticated users to bypass certificate-enforced restrictions such as force-command. Specifically, when an SSH server authentication callback returns PartialSuccessError with non-nil Permissions (as occurs in MFA sequences where a first factor succeeds and a second is required), those certificate permissions are silently discarded rather than propagated to the final session. Any Go-based SSH server using this library with both MFA and certificate-based permission restrictions is affected in versions prior to 0.52.0. No public exploit identified at time of analysis, and CISA KEV does not list this vulnerability.

Information Disclosure Golang Org X Crypto Ssh
NVD VulDB GitHub
CVSS 3.1
6.3
EPSS
0.0%
CVE-2026-46597 Go HIGH POC PATCH GHSA This Week

Denial of service in the Go golang.org/x/crypto/ssh package (versions prior to 0.52.0) allows remote unauthenticated attackers to crash SSH server processes by sending crafted AES-GCM encrypted packets. An incorrectly placed bytes-to-int cast in the AES-GCM packet decoder triggers a server-side panic when processing well-crafted inputs. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.02%.

Information Disclosure Golang Org X Crypto Ssh Suse
NVD VulDB GitHub
CVSS 3.1
7.5
EPSS
0.0%
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Authorization bypass in the Go golang.org/x/crypto/ssh package before version 0.52.0 allows remote attackers to circumvent source-address restrictions when SSH server configurations use callback authentication types other than public key. This is an incomplete-fix follow-up to CVE-2024-45337, which only addressed the public-key callback path while leaving other callback types vulnerable to the same source-address validation skip. No public exploit identified at time of analysis, EPSS is very low at 0.02%, and SSVC indicates no observed exploitation though the issue is automatable with partial technical impact.

Authentication Bypass Golang Org X Crypto Ssh
NVD VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Denial of service in the Go golang.org/x/crypto/ssh package (versions prior to 0.52.0) occurs when an application writes more than 4GB of data in a single Write call on an SSH channel, triggering an integer overflow in the internal payload size calculation that causes the write loop to spin indefinitely while emitting empty packets. The flaw affects any Go application using this SSH library for large data transfers and is patched upstream with a release in version 0.52.0; no public exploit identified at time of analysis and EPSS probability is very low at 0.02%.

Buffer Overflow Integer Overflow Golang Org X Crypto Ssh +1
NVD VulDB
EPSS 0% CVSS 9.1
CRITICAL PATCH Act Now

Authentication bypass in the Go x/crypto/ssh library (versions before 0.52.0) allows SSH servers to accept FIDO/U2F security key signatures that were generated without the required physical user touch. The Verify() method for sk-ecdsa-sha2-nistp256@openssh.com and sk-ssh-ed25519@openssh.com key types failed to check the User Presence flag, enabling unattended use of stolen or relayed hardware-token signatures. No public exploit identified at time of analysis and EPSS is very low (0.01%), but SSVC rates technical impact as total with automatable exploitation.

SSH Authentication Bypass Golang Org X Crypto Ssh +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Denial of service in the Go golang.org/x/crypto/ssh library before version 0.52.0 allows unauthenticated remote attackers to exhaust CPU on SSH servers by submitting crafted RSA or DSA public keys with oversized parameters during public key authentication. EPSS is very low (0.03%) and there is no public exploit identified at time of analysis, but the bug is trivial to trigger and the fix has been published by the Go team in CL 781641/781661.

Jwt Attack Information Disclosure Golang Org X Crypto Ssh
NVD VulDB GitHub
EPSS 0% CVSS 9.1
CRITICAL POC PATCH Act Now

Resource exhaustion in the Go golang.org/x/crypto/ssh package allows a malicious SSH peer to leak goroutines and memory by sending unsolicited global request responses that fill an internal buffer and block the connection's read loop. Affected versions are below 0.52.0, and even calling Close() fails to release the blocked goroutine, enabling per-connection resource leaks against any Go application using this library as an SSH client or server. There is no public exploit identified at time of analysis, and the EPSS score of 0.02% (4th percentile) indicates very low observed exploitation interest despite the high CVSS rating.

Buffer Overflow Golang Org X Crypto Ssh
NVD VulDB GitHub
EPSS 0% CVSS 6.5
MEDIUM POC PATCH This Month

Unbounded memory growth in the golang.org/x/crypto/ssh package allows an authenticated remote attacker to crash the SSH server process by repeatedly opening channels that the server rejects. All versions of golang.org/x/crypto/ssh prior to 0.52.0 are affected, and a successful attack disrupts service for every user connected to that server instance. No public exploit has been identified at time of analysis, and EPSS probability sits at 0.02% (5th percentile), though the authentication barrier is low and the availability impact affects all concurrent sessions.

Denial Of Service Golang Org X Crypto Ssh
NVD VulDB GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

Unauthenticated remote clients can crash SSH servers built with golang.org/x/crypto/ssh by presenting a certificate during the handshake when CertChecker is used as a public key callback without initializing IsUserAuthority or IsHostAuthority. All versions prior to 0.52.0 are affected; the nil function pointer dereference causes a Go runtime panic that terminates the SSH service. No public exploit code has been identified and EPSS places exploitation probability at the 1st percentile (0.01%), though the attack requires no authentication and low complexity per the CVSS vector.

Information Disclosure Golang Org X Crypto Ssh
NVD VulDB GitHub
EPSS 0% CVSS 6.3
MEDIUM POC PATCH This Month

SSH certificate permission enforcement in golang.org/x/crypto/ssh fails silently during multi-factor authentication flows, allowing authenticated users to bypass certificate-enforced restrictions such as force-command. Specifically, when an SSH server authentication callback returns PartialSuccessError with non-nil Permissions (as occurs in MFA sequences where a first factor succeeds and a second is required), those certificate permissions are silently discarded rather than propagated to the final session. Any Go-based SSH server using this library with both MFA and certificate-based permission restrictions is affected in versions prior to 0.52.0. No public exploit identified at time of analysis, and CISA KEV does not list this vulnerability.

Information Disclosure Golang Org X Crypto Ssh
NVD VulDB GitHub
EPSS 0% CVSS 7.5
HIGH POC PATCH This Week

Denial of service in the Go golang.org/x/crypto/ssh package (versions prior to 0.52.0) allows remote unauthenticated attackers to crash SSH server processes by sending crafted AES-GCM encrypted packets. An incorrectly placed bytes-to-int cast in the AES-GCM packet decoder triggers a server-side panic when processing well-crafted inputs. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.02%.

Information Disclosure Golang Org X Crypto Ssh Suse
NVD VulDB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy