CVE Catalog

CVE-2026-39835

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.39%

32th percentile - higher than 32% of all known CVEs

Summary

SSH servers using CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could panic when a client presents a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

Risk Assessment

An attacker can cause the SSH server to crash, leading to denial of service (DoS) and potential loss of availability for legitimate users.

Recommendation

Update the CertChecker library to the latest version that includes the fix preventing panic when IsUserAuthority and IsHostAuthority callbacks are not set.

Original NVD description (English source)

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS