24h | 7d | 30d

Overview

  • Go standard library
  • crypto/x509
  • crypto/x509

29 Oct 2025
Published
04 Nov 2025
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

Validating certificate chains which contain DSA public keys can cause programs to panic, due to a interface cast that assumes they implement the Equal method. This affects programs which validate arbitrary certificate chains.

Statistics

  • 3 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2025-61729 CVE-2025-61723 CVE-2025-58188 CVE-2025-58187 CVE-2026-35469 CVE-2026-25679
  • 0
  • 0
  • 2
  • 5h ago

Overview

  • Go standard library
  • crypto/x509
  • crypto/x509

02 Dec 2025
Published
03 Dec 2025
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.

Statistics

  • 3 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2025-61729 CVE-2025-61723 CVE-2025-58188 CVE-2025-58187 CVE-2026-35469 CVE-2026-25679
  • 0
  • 0
  • 2
  • 5h ago

Overview

  • Go standard library
  • encoding/pem
  • encoding/pem

29 Oct 2025
Published
04 Nov 2025
Updated

CVSS
Pending
EPSS
0.04%

KEV

Description

The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. This affects programs which parse untrusted PEM inputs.

Statistics

  • 3 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2025-61729 CVE-2025-61723 CVE-2025-58188 CVE-2025-58187 CVE-2026-35469 CVE-2026-25679
  • 0
  • 0
  • 2
  • 5h ago

Overview

  • Go toolchain
  • cmd/compile
  • cmd/compile

08 Apr 2026
Published
13 Apr 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

The compiler is meant to unwrap pointers which are the operands of a memory move; a no-op interface conversion prevented the compiler from making the correct determination about non-overlapping moves, potentially leading to memory corruption at runtime.

Statistics

  • 6 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago
Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 CVE-2025-68119 CVE-2025-61732 CVE-2025-61731 CVE-2025-61726 CVE-2025-47907 CVE-2025-4674 N/A Security fixes for
  • 0
  • 0
  • 1
  • 5h ago

Overview

  • go-jose
  • go-jose

06 Apr 2026
Published
07 Apr 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.02%

KEV

Description

Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. Prior to 4.1.4 and 3.0.5, decrypting a JSON Web Encryption (JWE) object will panic if the alg field indicates a key wrapping algorithm (one ending in KW, with the exception of A128GCMKW, A192GCMKW, and A256GCMKW) and the encrypted_key field is empty. The panic happens when cipher.KeyUnwrap() in key_wrap.go attempts to allocate a slice with a zero or negative length based on the length of the encrypted_key. This code path is reachable from ParseEncrypted() / ParseEncryptedJSON() / ParseEncryptedCompact() followed by Decrypt() on the resulting object. Note that the parse functions take a list of accepted key algorithms. If the accepted key algorithms do not include any key wrapping algorithms, parsing will fail and the application will be unaffected. This panic is also reachable by calling cipher.KeyUnwrap() directly with any ciphertext parameter less than 16 bytes long, but calling this function directly is less common. Panics can lead to denial of service. This vulnerability is fixed in 4.1.4 and 3.0.5.

Statistics

  • 4 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago

Overview

  • open-telemetry
  • opentelemetry-go

08 Apr 2026
Published
10 Apr 2026
Updated

CVSS v4.0
HIGH (7.3)
EPSS
0.01%

KEV

Description

OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to use an absolute path but left the BSD kenv command using a bare name, allowing the same PATH hijacking attack on BSD and Solaris platforms. This vulnerability is fixed in 1.43.0.

Statistics

  • 4 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago

Overview

  • Go toolchain
  • cmd/compile
  • cmd/compile

08 Apr 2026
Published
13 Apr 2026
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.

Statistics

  • 6 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago
Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 CVE-2025-68119 CVE-2025-61732 CVE-2025-61731 CVE-2025-61726 CVE-2025-47907 CVE-2025-4674 N/A Security fixes for
  • 0
  • 0
  • 1
  • 5h ago

Overview

  • Go standard library
  • crypto/tls
  • crypto/tls

08 Apr 2026
Published
13 Apr 2026
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

Statistics

  • 6 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago
Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 CVE-2025-68119 CVE-2025-61732 CVE-2025-61731 CVE-2025-61726 CVE-2025-47907 CVE-2025-4674 N/A Security fixes for
  • 0
  • 0
  • 1
  • 5h ago

Overview

  • Go toolchain
  • cmd/go
  • cmd/go

08 Apr 2026
Published
13 Apr 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

Statistics

  • 6 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago
Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 CVE-2025-68119 CVE-2025-61732 CVE-2025-61731 CVE-2025-61726 CVE-2025-47907 CVE-2025-4674 N/A Security fixes for
  • 0
  • 0
  • 1
  • 5h ago

Overview

  • Go standard library
  • crypto/x509
  • crypto/x509

08 Apr 2026
Published
13 Apr 2026
Updated

CVSS
Pending
EPSS
0.02%

KEV

Description

Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. This only affects validation of otherwise trusted certificate chains, issued by a root CA in the VerifyOptions.Roots CertPool, or in the system certificate pool.

Statistics

  • 6 Posts

Last activity: 5 hours ago

Bluesky

Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-39883 CVE-2026-34986 CVE-2026-33186 CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-29181 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 N/A Security fixes for apigee-watcher
  • 0
  • 0
  • 3
  • 5h ago
Profile picture fallback
This addresses the following vulnerabilities: CVE-2026-32283 CVE-2026-32281 CVE-2026-32280 CVE-2026-27144 CVE-2026-27143 CVE-2026-27140 CVE-2026-25679 CVE-2025-68119 CVE-2025-61732 CVE-2025-61731 CVE-2025-61726 CVE-2025-47907 CVE-2025-4674 N/A Security fixes for
  • 0
  • 0
  • 1
  • 5h ago
Showing 71 to 80 of 107 CVEs