golang

CVE-2026-27143 CRITICAL

Missing bound checks can lead to memory corruption in safe Go in cmd/compile

Apr 08, 2026

CVSS 9.8

EPSS 0.00

CVE-2026-27140 HIGH

Go cmd/go < 1.25.9 and < 1.26.2 - SWIG Build-Time Code Execution

Apr 08, 2026

CVSS 8.8

EPSS 0.00

CVE-2026-33809 MEDIUM

OOM from malicious IFD offset in golang.org/x/image/tiff

Mar 25, 2026

CVSS 5.3

EPSS 0.00

CVE-2026-27142 MEDIUM

Go html/template - Meta Refresh URL Cross-Site Scripting

Mar 06, 2026

CVSS 6.1

EPSS 0.00

CVE-2026-27139 LOW

File.ReadDir/Readdir - Path Traversal

Mar 06, 2026

CVSS 2.5

EPSS 0.00

CVE-2026-27138 MEDIUM

Go standard library crypto/x509 1.26.0 - Denial of Service via Empty DNS Name in Certificate Chain

Mar 06, 2026

CVSS 5.9

EPSS 0.00

CVE-2026-27137 HIGH

OpenSSL - Certificate Validation Bypass

Mar 06, 2026

CVSS 7.5

EPSS 0.00

CVE-2026-25679 HIGH

Go standard library net/url < 1.25.8 and 1.26.0 - Direct Request via Invalid URL Host Parsing

Mar 06, 2026

CVSS 7.5

EPSS 0.00

CVE-2025-68121 CRITICAL

GO < 1.24.13 - Improper Certificate Validation

Feb 05, 2026

CVSS 10.0

EPSS 0.00

CVE-2025-61732 HIGH

GO < 1.24.13 - Code Injection

Feb 05, 2026

CVSS 8.6

EPSS 0.00

CVE-2025-22873 LOW

GO < 1.23.9 - Path Traversal

Feb 04, 2026

CVSS 3.8

EPSS 0.00

CVE-2025-68119 HIGH

GO < 1.24.12 - Out-of-Bounds Write

Jan 28, 2026

CVSS 7.0

EPSS 0.00

CVE-2025-61731 HIGH

cmd/go - Code Injection

Jan 28, 2026

CVSS 7.8

EPSS 0.00

CVE-2025-61730 MEDIUM

GO < 1.24.12 - Information Disclosure

Jan 28, 2026

CVSS 5.3

EPSS 0.00

CVE-2025-61728 MEDIUM

GO < 1.24.12 - Resource Allocation Without Limits

Jan 28, 2026

CVSS 6.5

EPSS 0.00

CVE-2025-61726 HIGH

GO < 1.24.12 - Resource Allocation Without Limits

Jan 28, 2026

CVSS 7.5

EPSS 0.00

CVE-2025-68120 MEDIUM

Visual Studio Code Go Extension <=0.52.1 - Untrusted Code Execution

Dec 30, 2025

CVSS 5.4

EPSS 0.00

CVE-2025-61727 MEDIUM

GO < 1.24.11 - Improper Certificate Validation

Dec 03, 2025

CVSS 6.5

EPSS 0.00

CVE-2025-61729 HIGH

GO < 1.24.11 - Improper Certificate Validation

Dec 02, 2025

CVSS 7.5

EPSS 0.00

CVE-2025-58181 MEDIUM

golang/crypto and x/crypto < 0.45.0 - Unbounded Memory Consumption via GSSAPI Mechanism Count

Nov 19, 2025

CVSS 5.3

EPSS 0.00

CVE-2025-47914 MEDIUM

golang/crypto and x/crypto < 0.45.0 - Denial of Service via Malformed SSH Agent Message

Nov 19, 2025

CVSS 5.3

EPSS 0.00

CVE-2025-61724 MEDIUM

GO < 1.24.8 - Resource Allocation Without Limits

Oct 29, 2025

CVSS 5.3

EPSS 0.00

CVE-2025-61723 HIGH

GO < 1.24.8 - Resource Allocation Without Limits

Oct 29, 2025

CVSS 7.5

EPSS 0.00

CVE-2025-58189 MEDIUM

GO < 1.24.8 - Log Information Exposure

Oct 29, 2025

CVSS 5.3

EPSS 0.00

CVE-2025-58188 HIGH

GO < 1.24.8 - Improper Certificate Validation

Oct 29, 2025

CVSS 7.5

EPSS 0.00