2 matches found
CVE-2026-27140 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-health-monitor, newrelic-infrastructure-agent, slsa-verifier, kube-fluentd-operator, azure-workload-identity-webhook, lazygit, syft, terraform-provider-kubernetes, capslock, karpenter, mockgen, go-md2man, knative-client, gh,...
CVE-2026-27140
CVE-2026-27140 affects Go toolchain components (Go golang and related tooling) via SWIG file name handling. The issue arises when SWIG file names containing 'cgo' enable code smuggling and arbitrary code execution at build time due to a trust-layer bypass. Connected advisories (Red Hat RHSA advis...