VDB

CESS-2026-39835

CESS-2026-39835 PUBLISHED

SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

Timeline

  • May 22, 2026 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›