Explore top 10 tips to secure your open-source projects now. Read More
×JFrog CLI is a client that provides a simple interface that automates access to
the JFrog products.
Update Information:
Update to 2.112.0.
* Thu Jul 2 2026 Simone Caronni
[ 1 ] Bug #2486209 - CVE-2026-45287 jfrog-cli: OpenTelemetry-Go: Denial of Service due to file descriptor leak [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486209
[ 2 ] Bug #2486291 - CVE-2026-45287 jfrog-cli: OpenTelemetry-Go: Denial of Service due to file descriptor leak [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2486291
[ 3 ] Bug #2489886 - CVE-2026-39828 jfrog-cli: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2489886
[ 4 ] Bug #2489892 - CVE-2026-39828 jfrog-cli: golang.org/x/crypto/ssh: Unauthorized command execution via discarded SSH permissions [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2489892
[ 5 ] Bug #2490031 - CVE-2026-39829 jfrog-cli: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters [epel-all]
https://bugzilla.redhat.com/show_bug.cgi?id=...
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-a5e27945f7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
Get the latest Linux and open source security news straight to your inbox.