Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-39833

CVE-2026-39833: Golang Crypto Auth Bypass Vulnerability

CVE-2026-39833 is an authentication bypass flaw in Golang Crypto where the NewKeyring() function silently ignores the ConfirmBeforeUse constraint, allowing unauthorized signing operations without prompts.

Published:

CVE-2026-39833 Overview

CVE-2026-39833 affects the Go golang.org/x/crypto module. The in-memory keyring returned by NewKeyring() silently accepted keys carrying the ConfirmBeforeUse constraint but never enforced it. Keys signed operations without prompting the caller for confirmation, and no error indicated that the requested constraint was inactive. Applications relying on this constraint to gate sensitive signing operations had no protection at runtime. The fix changes NewKeyring() to return an error when callers request unsupported constraints, forcing explicit handling instead of silent failure. The flaw is tracked under CWE-862: Missing Authorization and documented in GO-2026-5005.

Critical Impact

Signing keys protected by ConfirmBeforeUse could be used without user confirmation, breaking an authorization control that applications and SSH agent implementations relied upon.

Affected Products

  • golang.org/x/crypto module (Go ecosystem)
  • Applications using the in-memory keyring from golang.org/x/crypto/ssh/agent
  • SSH agent implementations built on the affected keyring API

Discovery Timeline

  • 2026-05-22 - CVE-2026-39833 published to NVD
  • 2026-05-28 - Last updated in NVD database

Technical Details for CVE-2026-39833

Vulnerability Analysis

The vulnerability resides in the in-memory keyring implementation returned by NewKeyring() in the golang.org/x/crypto/ssh/agent package. The SSH agent protocol defines key constraints that restrict how a key may be used after it is added to an agent. One such constraint, ConfirmBeforeUse, instructs the agent to prompt the user before each signing operation involving the key. Applications add keys with this constraint to ensure that a stolen process token or compromised process cannot silently sign authentication challenges on behalf of the user.

The affected keyring accepted keys with ConfirmBeforeUse set but contained no logic to enforce the constraint. Calls to Sign() on the keyring proceeded directly to the cryptographic operation. The caller received a valid signature with no indication that the requested authorization gate had been bypassed. This is an instance of CWE-862: Missing Authorization, where a documented access control check was not implemented.

Root Cause

The in-memory keyring stored constraint metadata along with each key but did not consult that metadata during signing operations. The API contract implied enforcement, while the implementation provided none. Silent acceptance of unsupported parameters left callers with no way to detect the gap.

Attack Vector

An attacker with the ability to invoke the agent's sign operation, for example through a forwarded SSH agent socket or a co-located process holding a handle to the agent, can request signatures from any key in the keyring regardless of whether the application registered it with ConfirmBeforeUse. No user interaction is required, which contradicts the security guarantee the constraint was intended to provide. See the upstream advisory GO-2026-5005 and Go issue #79436 for additional detail.

Detection Methods for CVE-2026-39833

Indicators of Compromise

  • Signing operations completed by an agent process without a corresponding user confirmation prompt or UI event.
  • SSH authentication events sourced from a host where the local agent uses golang.org/x/crypto versions prior to the fixed release.
  • Forwarded agent connections from untrusted hosts followed by unexpected key usage in authentication logs.

Detection Strategies

  • Inventory Go binaries and services that import golang.org/x/crypto/ssh/agent using software composition analysis or govulncheck.
  • Audit application code for calls to NewKeyring() followed by Add() invocations that set the ConfirmBeforeUse constraint and treat them as vulnerable until the dependency is upgraded.
  • Cross-reference SSH authentication logs with endpoint user-interaction telemetry to flag signing events lacking an associated confirmation prompt.

Monitoring Recommendations

  • Monitor agent forwarding usage (SSH_AUTH_SOCK exposure) on developer workstations and bastion hosts.
  • Alert on new outbound SSH authentications that use keys flagged as requiring confirmation.
  • Track upstream advisories at pkg.go.dev/vuln for additional fixed versions or related issues.

How to Mitigate CVE-2026-39833

Immediate Actions Required

  • Upgrade golang.org/x/crypto to the fixed version identified in GO-2026-5005 and rebuild dependent binaries.
  • Run govulncheck ./... across Go projects to identify call sites that import the affected package.
  • Audit any application that relies on ConfirmBeforeUse for signing authorization and assume the constraint was not enforced prior to patching.

Patch Information

The Go security team fixed the issue in golang.org/x/crypto. NewKeyring() now returns an error when callers request unsupported constraints, replacing the previous silent acceptance. See the change lists CL/778640 and CL/778641, the upstream Go issue #79436, and the golang-announce notice.

Workarounds

  • Disable SSH agent forwarding on hosts that do not strictly require it, and avoid forwarding to untrusted systems.
  • Replace the in-memory keyring with an external agent (for example, the OpenSSH ssh-agent) that natively enforces ConfirmBeforeUse.
  • Restrict process access to the agent socket using filesystem permissions and namespace isolation until the patched module is deployed.
bash
# Configuration example: identify and upgrade the vulnerable dependency
govulncheck ./...
go get golang.org/x/crypto@latest
go mod tidy
go build ./...

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.