CVE-2026-39834

216.73.217.22

· Published 22/05/2026 04:16 · Modified 22/05/2026 04:16

Labels: CVE-2026-39834 2026-05-22 CVE-2026-39834 [email protected]

Essential information

Published: 22/05/2026 04:16
Modified: 22/05/2026 04:16
Author: —
Creator: —
CISA KEV: No
CWE: —
CVSS vector

Description

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: [email protected]
NVD: View on NVD

Affected products (CPE)

Product	CPE
golang / golang	`cpe:2.3:a:golang:golang::::::::`

CVE-2026-39834

Essential information

Description

NVD status

Affected products (CPE)

References