AZL-69257 CVE-2025-61724 affecting package golang 1.26.0-1

🗓️ 29 Oct 2025 23:16:20Reported by GoogleType

osv

osv🔗 osv.dev

CVE-2025-61724 affects golang 1.26.0-1; ReadResponse line concatenation causes high CPU.

Reporter	Title	Published	Views	Family All 725
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in DataStage on Cloud Pak for Data	25 Feb 202616:28	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to Improper Allocation of Resources in net/textproto [CVE-2025-61724]	20 Apr 202618:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities	23 Jan 202620:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to denial of service and loss of confidentiality due to several findings in Golang binaries	19 Dec 202515:28	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities in IBM Business Automation Manager Open Editions.	11 Dec 202515:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple secuirty vulnerabilies addressed with IBM Business Automation Workflow containers January 2026	30 Jan 202617:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge	22 Jan 202602:58	–	ibm
Tenable Nessus	Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1239)	28 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1270)	11 Nov 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2025-1271)	11 Nov 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-61724

21 Apr 2026 04:38Current

7High risk

Vulners AI Score7

CVSS 3.15.3

EPSS0.00024

SSVC

cve 2025 61724 golang version 1.26.0 readresponse string concatenation high cpu