CVE-2026-39835
MediumCVSS 5.3Exploitation Probability (EPSS)
Low risk32th percentile - higher than 32% of all known CVEs
Summary
SSH servers using CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could panic when a client presents a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.
Risk Assessment
An attacker can cause the SSH server to crash, leading to denial of service (DoS) and potential loss of availability for legitimate users.
Recommendation
Update the CertChecker library to the latest version that includes the fix preventing panic when IsUserAuthority and IsHostAuthority callbacks are not set.
Original NVD description (English source)
SSH servers which use CertChecker as a public key callback without setting IsUserAuthority or IsHostAuthority could be caused to panic by a client presenting a certificate. CertChecker now returns an error instead of panicking when these callbacks are nil.

