PT-2026-42707 · Red Hat+9 · Assisted Installer For Red Hat Openshift Container Platform 2+88

Nealpatel

·

Published

2026-05-22

·

Updated

2026-07-02

·

CVE-2026-39828

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)
Description An issue exists where an SSH server authentication callback returning PartialSuccessError with non-nil Permissions caused those permissions to be silently discarded. This could lead to the removal of certificate restrictions, such as force-command, following the successful completion of a second factor authentication.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Certificate Validation

Improper Preservation of Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CLEANSTART-2026-AP10784
CLEANSTART-2026-BA41349
CLEANSTART-2026-BP02821
CLEANSTART-2026-BX78383
CLEANSTART-2026-CH64198
CLEANSTART-2026-CL67452
CLEANSTART-2026-CN27900
CLEANSTART-2026-CP20786
CLEANSTART-2026-EA12165
CLEANSTART-2026-EU52554
CLEANSTART-2026-FA38569
CLEANSTART-2026-IH16568
CLEANSTART-2026-KJ72865
CLEANSTART-2026-KZ96078
CLEANSTART-2026-MI06133
CLEANSTART-2026-MO16862
CLEANSTART-2026-MR08661
CLEANSTART-2026-NT30039
CLEANSTART-2026-NU38786
CLEANSTART-2026-PF69993
CLEANSTART-2026-QN97697
CLEANSTART-2026-QU83011
CLEANSTART-2026-RE02723
CLEANSTART-2026-RL64341
CLEANSTART-2026-RQ86436
CLEANSTART-2026-SW10568
CLEANSTART-2026-VD09973
CLEANSTART-2026-VD47610
CLEANSTART-2026-VO11205
CLEANSTART-2026-VX15911
CLEANSTART-2026-WA48911
CLEANSTART-2026-WF25734
CLEANSTART-2026-WS85269
CLEANSTART-2026-XV65906
CLEANSTART-2026-YG71543
CLEANSTART-2026-YK91867
CLEANSTART-2026-YY48565
CVE-2026-39828
GHSA-45GG-VH54-H5M9
GO-2026-5014
OPENSUSE-SU-2026:10856-1
OPENSUSE-SU-2026:10949-1
OPENSUSE-SU-2026:10966-1
OPENSUSE-SU-2026:11126-1
OPENSUSE-SU-2026:20956-1
OPENSUSE-SU-2026:21069-1
OPENSUSE-SU-2026:21079-1
OPENSUSE-SU-2026:21084-1
OPENSUSE-SU-2026:21120-1
OPENSUSE-SU-2026:21210-1
SUSE-SU-2026:22065-1
SUSE-SU-2026:22074-1
SUSE-SU-2026:22157-1
SUSE-SU-2026:22159-1
SUSE-SU-2026:22193-1
SUSE-SU-2026:22226-1
SUSE-SU-2026:22242-1
SUSE-SU-2026:22249-1
SUSE-SU-2026:22376-1
SUSE-SU-2026:22423-1
SUSE-SU-2026:22442-1
SUSE-SU-2026:22451-1
SUSE-SU-2026:2467-1
SUSE-SU-2026:2468-1
SUSE-SU-2026:2581-1
SUSE-SU-2026:2609-1
SUSE-SU-2026:2611-1
SUSE-SU-2026:2612-1
SUSE-SU-2026:2665-1
SUSE-SU-2026:2706-1
SUSE-SU-2026:2733-1

Affected Products

Assisted Installer For Red Hat Openshift Container Platform 2
Builds For Red Hat Openshift
Confidential Compute Attestation
Cryostat 4
External Secrets Operator For Red Hat Openshift
Multicluster Engine For Kubernetes
Openshift Api For Data Protection
Openshift Pipelines
Openshift Serverless
Red Hat Advanced Cluster Management For Kubernetes 2
Red Hat Advanced Cluster Security 4
Red Hat Advanced Cluster Security For Kubernetes 4.10
Red Hat Advanced Cluster Security For Kubernetes 4.9
Red Hat Ceph Storage 9
Red Hat Edge Manager 1
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 8
Red Hat Enterprise Linux 9
Red Hat Openshift
Red Hat Openshift Container Platform 4
Red Hat Openshift Dev Spaces
Red Hat Openshift Dev Workspaces Operator
Red Hat Openshift Gitops
Red Hat Openshift Virtualization 4
Red Hat Openshift For Windows Containers
Red Hat Openshift On Aws
Red Hat Openstack Platform 16.2
Red Hat Openstack Platform 17.1
Red Hat Openstack Platform 18.0
Red Hat Openshift Data Foundation 4
Red Hat Quay 3
Red Hat Trusted Artifact Signer
Security Profiles Operator
Zero Trust Workload Identity Manager
Zero Trust Workload Identity Manager - Tech Preview
Amazon-Ssm-Agent
Apko
Apptainer
Argo Cd
Argo Workflows
Buildah
Cadvisor
Calico
Calicoctl
Cert-Manager
Cert-Manager Operator For Red Hat Openshift
Cilium-Cli
Kubernetes Containerd
Cortex
Crypto++
Distribution
Docker-Cli-Buildx
Elastic-Beats
Elemental-Toolkit
Etcd
External-Secrets
Git-Bug
Golang-Go.Crypto
Golang.Org/X/Crypto
Golang.Org/X/Crypto/Ssh
Google-Guest-Agent
Google-Osconfig-Agent
Gostatsd
Grype
Helm
Helm-Operator
Istio
Kube-State-Metrics
Kube-Vip
Kubernetes-Csi-External-Provisioner-Fips
Kubernetes-Csi-External-Snapshotter-Fips
Lxd
Mcphost
Memcached-Exporter
Mongodb
Multicluster Engine For Kubernetes 2.6
Nats-Streaming
Osv-Scanner
Percona-Server-Mongodb-Operator
Podman
Rclone
Sealed-Secrets
Skopeo
Snapd
Spice-Server
Spire-Server-Fips
Trivy
Vault
Velociraptor