CVE-2026-46597
Analyzed Analyzed - Analysis Complete
Server-Side Panic in Go AES-GCM Packet Decoder

Publication date: 2026-05-22

Last updated on: 2026-05-28

Assigner: Go Project

Description
An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-22
Last Modified
2026-05-28
Generated
2026-06-11
AI Q&A
2026-05-22
EPSS Evaluated
2026-06-10
NVD
CVE-2026-46597
EUVD
EUVD-2026-31388
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
golang crypto to 0.52.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-704 The product does not correctly convert an object, resource, or structure from one type to a different type.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves an incorrectly placed cast from bytes to int in the AES-GCM packet decoder used in the Go programming language's crypto package. Specifically, this flaw exists in the SSH implementation where certain functions like Dial, NewClientConn, and NewServerConn are affected. The incorrect cast can cause a byte arithmetic underflow, which leads to a server-side panic when processing specially crafted inputs.

Impact Analysis

The vulnerability can cause a server-side panic, which means that an attacker could send specially crafted inputs to the affected Go crypto SSH services and cause them to crash or become unavailable. This can lead to denial of service conditions, disrupting normal operations and potentially affecting the availability of services relying on these cryptographic functions.

Detection Guidance

This vulnerability causes a server-side panic in the AES-GCM packet decoder when processing well-crafted inputs due to an incorrectly placed cast from bytes to int.

Detection could involve monitoring server logs for panic events related to the AES-GCM packet decoder or the golang.org/x/crypto/ssh package, especially in functions like Dial, NewClientConn, and NewServerConn.

Since the issue triggers a panic on malformed inputs, you could attempt to reproduce the panic by sending crafted packets to the affected SSH services and observe if the server crashes or logs panic stack traces.

No specific commands or detection scripts are provided in the available resources.

Mitigation Strategies

The vulnerability is due to an incorrectly placed cast causing server-side panic in the AES-GCM packet decoder of golang.org/x/crypto/ssh versions before v0.52.0.

Immediate mitigation steps include updating the golang.org/x/crypto/ssh package to version v0.52.0 or later, where the issue has been fixed.

If updating is not immediately possible, consider restricting or filtering inputs to the affected SSH services to prevent well-crafted malicious packets that could trigger the panic.

Monitor your systems for unexpected server panics and crashes related to SSH connections and apply patches as soon as they become available.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-46597. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart