<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 14 Jul 2026 06:22:44 +0000</lastBuildDate>
    <item>
      <title>85af0409-df69-4632-b849-9b4d40b8d297</title>
      <link>https://vulnerability.circl.lu/sighting/85af0409-df69-4632-b849-9b4d40b8d297/export</link>
      <description>{"uuid": "85af0409-df69-4632-b849-9b4d40b8d297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39835", "type": "seen", "source": "https://gist.github.com/alon710/c4000d6cf995053d5e37ba048c93349d", "content": "# CVE-2026-39835: CVE-2026-39835: Remote Denial of Service via Null Pointer Dereference in Go SSH CertChecker\n\n&amp;gt; **CVSS Score:** 5.3\n&amp;gt; **Published:** 2026-06-25\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-39835\n\n## Summary\nA Denial of Service (DoS) vulnerability exists in the Go SSH implementation package (golang.org/x/crypto/ssh). The vulnerability is caused by a null pointer dereference (runtime panic) when CertChecker is utilized as a public key callback but its validation fields, IsUserAuthority or IsHostAuthority, are uninitialized.\n\n## TL;DR\nAn unauthenticated remote attacker can crash Go SSH servers using CertChecker by presenting certificates during the handshake, exploiting uninitialized function pointers.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-476\n- **Attack Vector**: Network\n- **CVSS Severity**: 5.3 (Medium)\n- **Exploit Status**: Proof of Concept\n- **Affected Package**: golang.org/x/crypto/ssh\n- **Fixed Version**: v0.52.0\n\n## Affected Systems\n\n- Docker / Moby\n- HashiCorp Vault\n- Prometheus\n- Gitea\n- containerd\n- Podman\n- Trivy\n- Amazon CloudWatch Agent\n- AWS Systems Manager Agent (SSM)\n- SOPS\n- Atlantis\n- Cloudflared\n- Splunk OpenTelemetry Collector\n- **golang.org/x/crypto**: &amp;lt; 0.52.0 (Fixed in: `0.52.0`)\n\n## Mitigation\n\n- Upgrade golang.org/x/crypto to v0.52.0 or higher.\n- Audit CertChecker instantiations to ensure all authority callbacks are non-nil.\n- Implement fallback validation functions that explicitly deny requests instead of leaving them uninitialized.\n\n**Remediation Steps:**\n1. Verify local Go installation and project dependencies.\n2. Run 'go get golang.org/x/crypto@v0.52.0' to update the module.\n3. Run 'go mod tidy' to synchronize dependencies.\n4. Recompile and redeploy the affected services.\n5. Verify vulnerability remediation using 'govulncheck'.\n\n## References\n\n- [Go Issue 79563](https://go.dev/issue/79563)\n- [Go Announce Mailing List](https://groups.google.com/g/golang-announce/c/a082jnz-LvI)\n- [Go VulnDB Entry GO-2026-5015](https://pkg.go.dev/vuln/GO-2026-5015)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-39835) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-26T08:42:13.243537Z"}</description>
      <content:encoded>{"uuid": "85af0409-df69-4632-b849-9b4d40b8d297", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39835", "type": "seen", "source": "https://gist.github.com/alon710/c4000d6cf995053d5e37ba048c93349d", "content": "# CVE-2026-39835: CVE-2026-39835: Remote Denial of Service via Null Pointer Dereference in Go SSH CertChecker\n\n&amp;gt; **CVSS Score:** 5.3\n&amp;gt; **Published:** 2026-06-25\n&amp;gt; **Full Report:** https://cvereports.com/reports/CVE-2026-39835\n\n## Summary\nA Denial of Service (DoS) vulnerability exists in the Go SSH implementation package (golang.org/x/crypto/ssh). The vulnerability is caused by a null pointer dereference (runtime panic) when CertChecker is utilized as a public key callback but its validation fields, IsUserAuthority or IsHostAuthority, are uninitialized.\n\n## TL;DR\nAn unauthenticated remote attacker can crash Go SSH servers using CertChecker by presenting certificates during the handshake, exploiting uninitialized function pointers.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-476\n- **Attack Vector**: Network\n- **CVSS Severity**: 5.3 (Medium)\n- **Exploit Status**: Proof of Concept\n- **Affected Package**: golang.org/x/crypto/ssh\n- **Fixed Version**: v0.52.0\n\n## Affected Systems\n\n- Docker / Moby\n- HashiCorp Vault\n- Prometheus\n- Gitea\n- containerd\n- Podman\n- Trivy\n- Amazon CloudWatch Agent\n- AWS Systems Manager Agent (SSM)\n- SOPS\n- Atlantis\n- Cloudflared\n- Splunk OpenTelemetry Collector\n- **golang.org/x/crypto**: &amp;lt; 0.52.0 (Fixed in: `0.52.0`)\n\n## Mitigation\n\n- Upgrade golang.org/x/crypto to v0.52.0 or higher.\n- Audit CertChecker instantiations to ensure all authority callbacks are non-nil.\n- Implement fallback validation functions that explicitly deny requests instead of leaving them uninitialized.\n\n**Remediation Steps:**\n1. Verify local Go installation and project dependencies.\n2. Run 'go get golang.org/x/crypto@v0.52.0' to update the module.\n3. Run 'go mod tidy' to synchronize dependencies.\n4. Recompile and redeploy the affected services.\n5. Verify vulnerability remediation using 'govulncheck'.\n\n## References\n\n- [Go Issue 79563](https://go.dev/issue/79563)\n- [Go Announce Mailing List](https://groups.google.com/g/golang-announce/c/a082jnz-LvI)\n- [Go VulnDB Entry GO-2026-5015](https://pkg.go.dev/vuln/GO-2026-5015)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/CVE-2026-39835) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-06-26T08:42:13.243537Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/85af0409-df69-4632-b849-9b4d40b8d297/export</guid>
      <pubDate>Fri, 26 Jun 2026 08:42:13 +0000</pubDate>
    </item>
    <item>
      <title>b67caec6-d38e-4e6b-b620-3958829e7dfb</title>
      <link>https://vulnerability.circl.lu/sighting/b67caec6-d38e-4e6b-b620-3958829e7dfb/export</link>
      <description>{"uuid": "b67caec6-d38e-4e6b-b620-3958829e7dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39835", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnafjazque2y", "content": "\ud83d\udd17 CVE : CVE-2026-25680, CVE-2026-25681, CVE-2026-39827, CVE-2026-39828, CVE-2026-39835, CVE-2026-41401, CVE-2026-42502, CVE-2026-46598, CVE-2026-8466, CVE-2026-25680, CVE-2026-25681, CVE-2026-39827, CVE-2026-39828, CVE-2026-39835, CVE-2026-41401, CVE-2026-42502, CVE-2026-46598, CVE-2026-8466", "creation_timestamp": "2026-06-01T15:38:41.030805Z"}</description>
      <content:encoded>{"uuid": "b67caec6-d38e-4e6b-b620-3958829e7dfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39835", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mnafjazque2y", "content": "\ud83d\udd17 CVE : CVE-2026-25680, CVE-2026-25681, CVE-2026-39827, CVE-2026-39828, CVE-2026-39835, CVE-2026-41401, CVE-2026-42502, CVE-2026-46598, CVE-2026-8466, CVE-2026-25680, CVE-2026-25681, CVE-2026-39827, CVE-2026-39828, CVE-2026-39835, CVE-2026-41401, CVE-2026-42502, CVE-2026-46598, CVE-2026-8466", "creation_timestamp": "2026-06-01T15:38:41.030805Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b67caec6-d38e-4e6b-b620-3958829e7dfb/export</guid>
      <pubDate>Mon, 01 Jun 2026 15:38:41 +0000</pubDate>
    </item>
    <item>
      <title>718aa917-072e-44f4-b948-7bc47bb32e46</title>
      <link>https://vulnerability.circl.lu/sighting/718aa917-072e-44f4-b948-7bc47bb32e46/export</link>
      <description>{"uuid": "718aa917-072e-44f4-b948-7bc47bb32e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39835", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmgc7xj2rw2e", "content": "CVE-2026-39835 - Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh\nCVE ID : CVE-2026-39835\n \n Published : May 22, 2026, 4:16 a.m. | 1\u00a0hour, 34\u00a0minutes ago\n \n Description : SSH servers which use CertChecker as a public key callback without settin...", "creation_timestamp": "2026-05-22T06:21:59.794399Z"}</description>
      <content:encoded>{"uuid": "718aa917-072e-44f4-b948-7bc47bb32e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39835", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mmgc7xj2rw2e", "content": "CVE-2026-39835 - Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh\nCVE ID : CVE-2026-39835\n \n Published : May 22, 2026, 4:16 a.m. | 1\u00a0hour, 34\u00a0minutes ago\n \n Description : SSH servers which use CertChecker as a public key callback without settin...", "creation_timestamp": "2026-05-22T06:21:59.794399Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/718aa917-072e-44f4-b948-7bc47bb32e46/export</guid>
      <pubDate>Fri, 22 May 2026 06:21:59 +0000</pubDate>
    </item>
  </channel>
</rss>
