CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

OSV•added 2026/05/11 5:44 a.m.•5 views

BIT-GOLANG-2026-42501 Malicious module proxy can bypass checksum database in cmd/go

A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy GOMODPROXY or checksum database GOSUMDB. A malicious module proxy can serve altered versions o...

7.5CVSS5.8AI score0.00008EPSS

Exploits0References5

SUSE CVE•added 2026/05/09 2:42 a.m.•8 views

SUSE CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0References3

Tenable Nessus•added 2026/05/08 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-42501

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affect...

7.5CVSS5.9AI score0.00008EPSS

Exploits0References3

EUVD•added 2026/05/07 9:30 p.m.•5 views

EUVD-2026-28433

5.8AI score0.00008EPSS

Exploits0References5

OSV•added 2026/05/07 8:16 p.m.•6 views

DEBIAN-CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0References1

OSV•added 2026/05/07 8:16 p.m.•2 views

UBUNTU-CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0References8

UbuntuCve•added 2026/05/07 8:16 p.m.•5 views

CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0References7

Cvelist•added 2026/05/07 7:41 p.m.•30 views

CVE-2026-42501 Malicious module proxy can bypass checksum database in cmd/go

0.00008EPSS

Exploits0References4

ATTACKERKB•added 2026/05/07 7:41 p.m.•8 views

CVE-2026-42501

5.8AI score0.00008EPSS

Exploits0References5Affected Software1

Debian CVE•added 2026/05/07 7:41 p.m.•6 views

CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0

Vulnrichment•added 2026/05/07 7:41 p.m.•7 views

CVE-2026-42501 Malicious module proxy can bypass checksum database in cmd/go

5.8AI score0.00008EPSS

Exploits0References4

AlpineLinux•added 2026/05/07 7:41 p.m.•8 views

CVE-2026-42501

7.5CVSS5.8AI score0.00008EPSS

Exploits0

OSV•added 2026/05/07 7:21 p.m.•6 views

GO-2026-4984 Malicious module proxy can bypass checksum database in cmd/go

7.5CVSS5.8AI score0.00008EPSS

Exploits0References3

Amazon•added 2026/04/30 12:0 a.m.•2 views

Important: golang

Issue Overview: SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time in the Go toolchain cmd/go due to trust layer bypass. CVE-2026-27140 Arithmetic over induction variables in loops were not correctly checked for...

9.8CVSS6.7AI score0.00022EPSS

Exploits0

Tenable Nessus•added 2026/04/30 12:0 a.m.•8 views

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2026-1593)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1593 advisory. SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time in the Go toolchain cmd/go due to trust layer bypass...

9.8CVSS6.4AI score0.00022EPSS

Exploits0References20

Amazon•added 2026/04/01 12:0 a.m.•2 views

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Issue Correction: Run dnf update amazon-ssm-agent --releasever 2023.10.20260330 or d...

7.8CVSS6.4AI score0.00018EPSS

Exploits0

Tenable Nessus•added 2026/04/01 12:0 a.m.•0 views

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2026-1499)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1499 advisory. cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Tenable has extracted the...

7.8CVSS7.6AI score0.00018EPSS

Exploits0References6

Amazon•added 2026/03/19 12:0 a.m.•2 views

Important: amazon-ssm-agent

Issue Overview: cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected code execution when invoking toolchain CVE-2025-68119 Affected Packages: amazon-ssm-agent Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this...

7.8CVSS7.7AI score0.00018EPSS

Exploits0

Tenable Nessus•added 2026/03/19 12:0 a.m.•3 views

Amazon Linux 2 : amazon-ssm-agent, --advisory ALAS2-2026-3207 (ALAS-2026-3207)

The version of amazon-ssm-agent installed on the remote host is prior to 3.3.3883.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3207 advisory. cmd/go: bypass of flag sanitization can lead to arbitrary code execution CVE-2025-61731 cmd/go: unexpected...

7.8CVSS6.5AI score0.00018EPSS

Exploits0References6

OSV•added 2026/03/11 6:35 p.m.•0 views

SUSE-SU-2026:0876-1 Security update for go1.26

This update for go1.26 fixes the following issues: Update to go1.26.1 bsc1255111: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138: crypto/x509: panic in name...

7.5CVSS5.8AI score0.00044EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by