golang
230 tracked vulnerabilities.
CVE-2026-27142
MEDIUM
Go html/template - Meta Refresh URL Cross-Site Scripting
Mar 06, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-27139
LOW
File.ReadDir/Readdir - Path Traversal
Mar 06, 2026
CVSS 2.5
EPSS 0.00
CVE-2026-27138
MEDIUM
Go standard library crypto/x509 1.26.0 - Denial of Service via Empty DNS Name in Certificate Chain
Mar 06, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-27137
HIGH
OpenSSL - Certificate Validation Bypass
Mar 06, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-25679
HIGH
Go standard library net/url < 1.25.8 and 1.26.0 - Direct Request via Invalid URL Host Parsing
Mar 06, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-68121
CRITICAL
GO < 1.24.13 - Improper Certificate Validation
Feb 05, 2026
CVSS 10.0
EPSS 0.01
CVE-2025-61732
HIGH
GO < 1.24.13 - Code Injection
Feb 05, 2026
CVSS 8.6
EPSS 0.00
CVE-2025-22873
LOW
GO < 1.23.9 - Path Traversal
Feb 04, 2026
CVSS 3.8
EPSS 0.00
CVE-2025-68119
HIGH
GO < 1.24.12 - Out-of-Bounds Write
Jan 28, 2026
CVSS 7.0
EPSS 0.00
CVE-2025-61731
HIGH
cmd/go - Code Injection
Jan 28, 2026
CVSS 7.8
EPSS 0.01
CVE-2025-61730
MEDIUM
GO < 1.24.12 - Information Disclosure
Jan 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-61728
MEDIUM
GO < 1.24.12 - Resource Allocation Without Limits
Jan 28, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-61726
HIGH
GO < 1.24.12 - Resource Allocation Without Limits
Jan 28, 2026
CVSS 7.5
EPSS 0.02
CVE-2025-68120
MEDIUM
Visual Studio Code Go Extension <=0.52.1 - Untrusted Code Execution
Dec 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-61727
MEDIUM
GO < 1.24.11 - Improper Certificate Validation
Dec 03, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-61729
HIGH
GO < 1.24.11 - Improper Certificate Validation
Dec 02, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58181
MEDIUM
golang/crypto and x/crypto < 0.45.0 - Unbounded Memory Consumption via GSSAPI Mechanism Count
Nov 19, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-47914
MEDIUM
golang/crypto and x/crypto < 0.45.0 - Denial of Service via Malformed SSH Agent Message
Nov 19, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-61724
MEDIUM
GO < 1.24.8 - Resource Allocation Without Limits
Oct 29, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-61723
HIGH
GO < 1.24.8 - Resource Allocation Without Limits
Oct 29, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-58189
MEDIUM
GO < 1.24.8 - Log Information Exposure
Oct 29, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-58188
HIGH
GO < 1.24.8 - Improper Certificate Validation
Oct 29, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58187
HIGH
Certificate Validation - Info Disclosure
Oct 29, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58185
MEDIUM
GO < 1.24.8 - Resource Allocation Without Limits
Oct 29, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-47912
MEDIUM
Go net/url Parse - Bracketed Host Validation Bypass
Oct 29, 2025
CVSS 5.3
EPSS 0.00