CVE-2026-46598: Go SSH Agent Client Panic Flaw
🟠 High | Source: Microsoft Security Response Center CVE-2026-46598 is a vulnerability in the Go standard library package golang.org/x/crypto/ssh/agent, where supplying malformed or pathological inputs can cause a client application to panic and crash. This affects any service or tooling built with this SSH agent library, including Azure-hosted workloads that rely on Go-based SSH clients. The practical risk is denial of service, where an attacker able to send crafted SSH agent messages can bring down affected processes. ...