Lucene search
K

82 matches found

OSV
OSV
added 2 days ago4 views

ROOT-APP-GOBINARY-CVE-2026-42502 CVE-2026-42502 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-42502 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
OSV
OSV
added 2 days ago3 views

ROOT-APP-GOBINARY-CVE-2026-25681 CVE-2026-25681 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-25681 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
OSV
OSV
added 2 days ago4 views

ROOT-APP-GOBINARY-CVE-2026-39821 CVE-2026-39821 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-39821 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

9.6CVSS7.3AI score0.00478EPSS
Exploits0
OSV
OSV
added 3 days ago3 views

ROOT-APP-GOBINARY-CVE-2026-42506 CVE-2026-42506 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2026-42506 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

6.1CVSS5.8AI score0.00188EPSS
Exploits0
OSV
OSV
added 4 days ago6 views

ROOT-APP-GOBINARY-CVE-2025-22870 CVE-2025-22870 in rootio-golang.org/x/net - Patched by Root

Root has patched CVE-2025-22870 in the rootio-golang.org/x/net package for Root:Go. Multiple fixed versions available...

4.4CVSS6.7AI score0.00384EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 4 days ago6 views

SUSE SLES15 Security Update : google-cloud-sap-agent (SUSE-SU-2026:2682-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2682-1 advisory. - CVE-2026-39821: Update golang.org/x/net dependency bsc1266604. Tenable has extracted the preceding description block directly from the SUS...

9.6CVSS6.7AI score0.00478EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 5 days ago6 views

golang.org/x/net/idna: golang: golang.org/x/net/idna: Privilege escalation via incorrect Punycode label processing

A flaw was found in golang.org/x/net/idna. ToASCII and ToUnicode incorrectly accept Punycode-encoded labels that decode to an ASCII-only hostname for example, xn--example-.com returns example.com instead of an error. Applications that validate the ASCII form then convert to Unicode may grant acce...

9.6CVSS6.6AI score0.00478EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/06/27 12:0 a.m.5 views

SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2026:2643-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2643-1 advisory. This update for aws-iam-authenticator fixes the following issues - CVE-2022-1996: CORS bypass bsc1200528. - CVE-2022-2385:...

9.6CVSS6.4AI score0.02737EPSS
Exploits1References20
OSV
OSV
added 2026/06/22 3:34 p.m.6 views

SUSE-SU-2026:2493-1 Security update for containerized-data-importer

This update for containerized-data-importer fixes the following issues: - Security: re-vendor Go dependencies to address CVEs tracked against containerized-data-importer backport of upstream PR 4110, post-v1.65.0. Fixed by this update: google.golang.org/grpc 1.65.0 - 1.79.3: bsc1260295...

9.1CVSS6.9AI score0.91969EPSS
Exploits7References20
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.4 views

SUSE SLES15 Security Update : amazon-ssm-agent (SUSE-SU-2026:2467-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2467-1 advisory. This update for amazon-ssm-agent fixes the following issues Update to version 3.3.4624.0: - CVE-2025-22869: golang.org/x/crypto/ssh...

10CVSS7AI score0.00868EPSS
Exploits3References52
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in golang-golang-x-net

golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service infinite loop by using crafted ParseFragment inputs...

7.5CVSS7.3AI score0.07293EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in golang-golang-x-net, containerd-app

The html.Parse function in golang.org/x/net/html has an infinite parsing loop when processing certain inputs, which can lead to a Denial-of-Service DoS attack if an attacker provides specially crafted HTML content...

5.3CVSS6.7AI score0.00482EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/18 8:50 a.m.17 views

CVE-2026-42507

A flaw was found in the net/textproto package in Golang. When functions in this package return errors, they include their input as part of the error message. An attacker could exploit this by injecting misleading content into these error messages, which are then printed or logged. This could lead...

5.3CVSS5.1AI score0.0037EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2026/06/03 12:0 a.m.5 views

Security update for apptainer (important)

openSUSE security update: security update for apptainer ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20888-1 Rating: important References: bsc1266656 Cross-References: CVE-2026-39821 CVSS scores: CVE-2026-39821 SUSE : 7.4...

9.1CVSS6.5AI score0.00478EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/06/01 12:0 a.m.11 views

openSUSE 16 Security Update : apptainer (openSUSE-SU-2026:20834-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20834-1 advisory. Changes in apptainer: - Fix CVE-2026-39827, CVE-2026-39834, CVE-2026-39828, CVE-2026-39829, CVE-2026-39831, CVE-2026-42508, CVE-2026-39833,...

10CVSS6.7AI score0.00781EPSS
Exploits0References33
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:10 a.m.18 views

Invoking duplicate attributes can cause XSS in golang.org/x/net/html

...

6.1CVSS5.8AI score0.00178EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/27 8:5 a.m.14 views

Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html

...

6.1CVSS5.8AI score0.00188EPSS
Exploits0
Snyk
Snyk
added 2026/05/22 5:42 p.m.10 views

Cross-site Scripting (XSS)

Overview github.com/golang/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the writeQuoted function, which does not properly handle characters in DOCTYPE data. An attacker can cause the...

8.1CVSS5.7AI score0.00178EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/22 5:42 p.m.13 views

Cross-site Scripting (XSS)

Overview github.com/golang/net/html is a package that implements an HTML5-compliant tokenizer and parser. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the childTextNodesAreLiteral function in render.go. An attacker can cause the execution of scripts in the...

6.1CVSS5.7AI score0.00178EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/22 3:1 p.m.14 views

CVE-2026-42506 Invoking incorrect handling of namespaced elements in foreign content in golang.org/x/net/html

Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML tree. This can be leveraged to execute XSS attacks in applications that attempt to sanitize input HTML before rendering...

0.00188EPSS
Exploits0References4
Rows per page
Query Builder