cbcvebase.
CVE-2026-39830
published 2026-05-22

CVE-2026-39830: A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine…

PriorityP352critical9.1CVSS 3.1
AVNACLPRNUINSUCHINAH
EPSS
0.50%
39.0th percentile
A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close(), resulting in a resource leak per connection. Unsolicited global responses are now discarded.

Affected

207 ranges· showing 25
VendorProductVersion rangeFixed in
advanced-cluster-securityrhacs-main-rhel8
advanced-cluster-securityrhacs-rhel8-operator
advanced-cluster-securityrhacs-roxctl-rhel8
advanced-cluster-securityrhacs-scanner-rhel8
advanced-cluster-securityrhacs-scanner-slim-rhel8
advanced-cluster-securityrhacs-scanner-v4-rhel8
assistedagent-preinstall-image-builder-rhel9
buildah_projectbuildah
cert-managerjetstack-cert-manager-acmesolver-rhel9
cert-managerjetstack-cert-manager-rhel9
complianceopenshift-security-profiles-operator-bundle
complianceopenshift-security-profiles-rhel8-operator
confidential-containerstrustee
container-native-virtualizationvirt-api-rhel9
container-native-virtualizationvirt-artifacts-server-rhel9
container-native-virtualizationvirt-controller-rhel9
container-native-virtualizationvirt-exportproxy-rhel9
container-native-virtualizationvirt-exportserver-rhel9
container-native-virtualizationvirt-handler-rhel9
container-native-virtualizationvirt-launcher-rhel9
container-native-virtualizationvirt-operator-rhel9
container-tools_rhel8buildah
container-tools_rhel8podman
cryostatcryostat-storage-rhel9
devspacestraefik-rhel9

CVSS provenance

nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
vendor_redhat9.1CRITICAL
vendor_ubuntu9.1CRITICAL
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.