VYPR
Medium severity6.3NVD Advisory· Published May 22, 2026· Updated Jun 2, 2026

CVE-2026-39828

CVE-2026-39828

Description

When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as force-command after a second factor succeeded. Returning non-nil Permissions with PartialSuccessError now results in a connection error.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2704

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.

CVE-2026-39828 · Medium · VYPR