Lucene search
K

7 matches found

OSV
OSV
added 2026/05/26 2:54 p.m.15 views

SUSE-SU-2026:2079-1 Security update for go1.25-openssl

This update for go1.25-openssl fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool...

7.5CVSS6AI score0.00813EPSS
Exploits0References25
OSV
OSV
added 2026/05/14 10:33 p.m.7 views

SUSE-SU-2026:1861-1 Security update for go1.26

This update for go1.26 fixes the following issues Security issues: - CVE-2026-33811: net: crash when handling long CNAME response bsc1264508. - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1264506. - CVE-2026-39817: cmd/go: 'go tool pack' does...

7.5CVSS5.8AI score0.00813EPSS
Exploits0References25
OSV
OSV
added 2026/05/11 5:44 a.m.5 views

BIT-GOLANG-2026-39826 Escaper bypass leads to XSS in html/template

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

6.1CVSS5.9AI score0.00371EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/07 7:41 p.m.59 views

CVE-2026-39826 Escaper bypass leads to XSS in html/template

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

0.00371EPSS
Exploits0References4
CVE
CVE
added 2026/05/07 7:41 p.m.45 views

CVE-2026-39826

CVE-2026-39826 corresponds to an escaper bypass in Go’s html/template that can allow data inside a [removed] block to be incorrectly escaped if a trusted template author uses a [removed] tag with an empty or whitespace-only type attribute. This is described across multiple feeds (NVD, EUVD, Debia...

6.1CVSS5.9AI score0.00371EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/07 7:41 p.m.6 views

CVE-2026-39826 Escaper bypass leads to XSS in html/template

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

5.9AI score0.00371EPSS
Exploits0References4
OSV
OSV
added 2026/05/07 7:41 p.m.2 views

CVE-2026-39826 Escaper bypass leads to XSS in html/template

If a trusted template author were to write a tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the block...

6.1CVSS6.6AI score0.00371EPSS
Exploits0References7
Rows per page
Query Builder