VDB
CESS-2026-39835
CESS-2026-39835
PUBLISHED
SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.
Timeline
- May 22, 2026 CVE Published