CVE-2026-39832

Name of the Vulnerable Software and Affected Versions The product name cannot be determined (affected versions not specified)

Description Constraint extensions, such as restrict-destination-v00@openssh.com, were not serialized in requests when adding a key to a remote agent. This caused destination restrictions to be silently stripped during key forwarding, which allowed the key to be used without restrictions on the remote host. Furthermore, the in-memory keyring returned by the NewKeyring() function silently ignored keys with unsupported constraint extensions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.