NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-39828

Summary	When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.
Publication Date	May 22, 2026, 1:16 p.m.
Registration Date	May 23, 2026, 4:08 a.m.
Last Update	May 22, 2026, 1:16 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://go.dev/cl/781621	security@golang.org
2	https://go.dev/issue/79562	security@golang.org
3	https://groups.google.com/g/golang-announce/c/a082jnz-LvI	security@golang.org
4	https://pkg.go.dev/vuln/GO-2026-5014	security@golang.org

Common Vulnerabilities List