golang.org/x/crypto

Top products

The 15 most recently published vulnerabilities affecting golang.org/x/crypto.

• CVE-2026-46598Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent5.3May 22, 2026
• CVE-2026-46595Invoking VerifiedPublicKeyCallback permissions skip enforcement in golang.org/x/crypto/ssh10.0May 22, 2026
• CVE-2026-42508Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts9.1May 22, 2026
• CVE-2026-39834Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh9.1May 22, 2026
• CVE-2026-39831Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh9.1May 22, 2026
• CVE-2026-39830Invoking client can cause server deadlock on unexpected responses in golang.org/x/crypto/ssh9.1May 22, 2026
• CVE-2026-39829Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh7.5May 22, 2026
• CVE-2026-39827Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh6.5May 22, 2026
• CVE-2026-46597Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh7.5May 22, 2026
• CVE-2026-39835Invoking server panic during CheckHostKey/Authenticate in golang.org/x/crypto/ssh5.3May 22, 2026
• CVE-2026-39833Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent9.1May 22, 2026
• CVE-2026-39832Invoking agent constraints dropped when forwarding keys in golang.org/x/crypto/ssh/agent9.1May 22, 2026
• CVE-2026-39828Invoking bypass of certificate restrictions in golang.org/x/crypto/ssh6.3May 22, 2026
• CVE-2025-47914Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent5.3Nov 19, 2025
• CVE-2025-58181Unbounded memory consumption in golang.org/x/crypto/ssh5.3Nov 19, 2025