Back to CVE List

CVE-2026-40884

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score

9.8 / 10

Vulnerability Description

goshs has an empty-username SFTP password authentication bypass

Vulnerability Details

Published Date

April 14, 2026

Last Modified

April 15, 2026

Source

GitHub

Vendor

go

Product

github.com/patrickhener/goshs

External References

Discussion (0)

Add Comment

No comments yet. Be the first!