CVE-2026-39830

Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)

Description A malicious SSH peer can send unsolicited global request responses to fill an internal buffer, which blocks the connection's read loop. This prevents the blocked goroutine (a lightweight thread managed by the Go runtime) from being released when Close() is called, leading to a resource leak for each connection.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.