golang

230 tracked vulnerabilities.

CVE-2026-27142 MEDIUM
Go html/template - Meta Refresh URL Cross-Site Scripting
Mar 06, 2026
CVSS 6.1
EPSS 0.00
CVE-2026-27139 LOW
File.ReadDir/Readdir - Path Traversal
Mar 06, 2026
CVSS 2.5
EPSS 0.00
CVE-2026-27138 MEDIUM
Go standard library crypto/x509 1.26.0 - Denial of Service via Empty DNS Name in Certificate Chain
Mar 06, 2026
CVSS 5.9
EPSS 0.00
CVE-2026-27137 HIGH
OpenSSL - Certificate Validation Bypass
Mar 06, 2026
CVSS 7.5
EPSS 0.01
CVE-2026-25679 HIGH
Go standard library net/url < 1.25.8 and 1.26.0 - Direct Request via Invalid URL Host Parsing
Mar 06, 2026
CVSS 7.5
EPSS 0.01
CVE-2025-68121 CRITICAL
GO < 1.24.13 - Improper Certificate Validation
Feb 05, 2026
CVSS 10.0
EPSS 0.01
CVE-2025-61732 HIGH
GO < 1.24.13 - Code Injection
Feb 05, 2026
CVSS 8.6
EPSS 0.00
CVE-2025-22873 LOW
GO < 1.23.9 - Path Traversal
Feb 04, 2026
CVSS 3.8
EPSS 0.00
CVE-2025-68119 HIGH
GO < 1.24.12 - Out-of-Bounds Write
Jan 28, 2026
CVSS 7.0
EPSS 0.00
CVE-2025-61731 HIGH
cmd/go - Code Injection
Jan 28, 2026
CVSS 7.8
EPSS 0.01
CVE-2025-61730 MEDIUM
GO < 1.24.12 - Information Disclosure
Jan 28, 2026
CVSS 5.3
EPSS 0.00
CVE-2025-61728 MEDIUM
GO < 1.24.12 - Resource Allocation Without Limits
Jan 28, 2026
CVSS 6.5
EPSS 0.01
CVE-2025-61726 HIGH
GO < 1.24.12 - Resource Allocation Without Limits
Jan 28, 2026
CVSS 7.5
EPSS 0.02
CVE-2025-68120 MEDIUM
Visual Studio Code Go Extension <=0.52.1 - Untrusted Code Execution
Dec 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-61727 MEDIUM
GO < 1.24.11 - Improper Certificate Validation
Dec 03, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-61729 HIGH
GO < 1.24.11 - Improper Certificate Validation
Dec 02, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58181 MEDIUM
golang/crypto and x/crypto < 0.45.0 - Unbounded Memory Consumption via GSSAPI Mechanism Count
Nov 19, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-47914 MEDIUM
golang/crypto and x/crypto < 0.45.0 - Denial of Service via Malformed SSH Agent Message
Nov 19, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-61724 MEDIUM
GO < 1.24.8 - Resource Allocation Without Limits
Oct 29, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-61723 HIGH
GO < 1.24.8 - Resource Allocation Without Limits
Oct 29, 2025
CVSS 7.5
EPSS 0.01
CVE-2025-58189 MEDIUM
GO < 1.24.8 - Log Information Exposure
Oct 29, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-58188 HIGH
GO < 1.24.8 - Improper Certificate Validation
Oct 29, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58187 HIGH
Certificate Validation - Info Disclosure
Oct 29, 2025
CVSS 7.5
EPSS 0.00
CVE-2025-58185 MEDIUM
GO < 1.24.8 - Resource Allocation Without Limits
Oct 29, 2025
CVSS 5.3
EPSS 0.01
CVE-2025-47912 MEDIUM
Go net/url Parse - Bracketed Host Validation Bypass
Oct 29, 2025
CVSS 5.3
EPSS 0.00