{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","type":"deb","namespace":"debian","name":"golang-1.25","version":"1.25.9-1","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.25.10-1","latest_non_vulnerable_version":"1.25.10-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357443?format=json","vulnerability_id":"VCID-1642-htyj-kubr","summary":"The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"/tmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39819","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00359","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00356","published_at":"2026-05-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00828","published_at":"2026-05-15T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0083","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39819"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39819","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39819"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/763882","reference_id":"763882","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:56:43Z/"}],"url":"https://go.dev/cl/763882"},{"reference_url":"https://go.dev/issue/78584","reference_id":"78584","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:56:43Z/"}],"url":"https://go.dev/issue/78584"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4978","reference_id":"GO-2026-4978","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:56:43Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4978"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:56:43Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39819"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1642-htyj-kubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357408?format=json","vulnerability_id":"VCID-6b34-5hez-8yf2","summary":"Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39820","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12593","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12617","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1259","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16819","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1682","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39820"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/759940","reference_id":"759940","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:27:51Z/"}],"url":"https://go.dev/cl/759940"},{"reference_url":"https://go.dev/issue/78566","reference_id":"78566","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:27:51Z/"}],"url":"https://go.dev/issue/78566"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4986","reference_id":"GO-2026-4986","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:27:51Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4986"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:27:51Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39820"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6b34-5hez-8yf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357446?format=json","vulnerability_id":"VCID-ant6-bm7n-c3hm","summary":"Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42499","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06272","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06268","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06535","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06523","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06547","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42499"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42499","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42499"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/771520","reference_id":"771520","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:55:28Z/"}],"url":"https://go.dev/cl/771520"},{"reference_url":"https://go.dev/issue/78987","reference_id":"78987","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:55:28Z/"}],"url":"https://go.dev/issue/78987"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4977","reference_id":"GO-2026-4977","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:55:28Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4977"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:55:28Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-42499"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ant6-bm7n-c3hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357409?format=json","vulnerability_id":"VCID-fhzp-yggw-s7au","summary":"CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a <meta> tag's <content> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the <content> attribute, the escaper would fail to similarly escape it, leading to XSS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39823","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01186","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01188","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02192","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02175","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02191","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39823"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39823","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39823"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/769920","reference_id":"769920","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:05:34Z/"}],"url":"https://go.dev/cl/769920"},{"reference_url":"https://go.dev/issue/78913","reference_id":"78913","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:05:34Z/"}],"url":"https://go.dev/issue/78913"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4982","reference_id":"GO-2026-4982","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:05:34Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4982"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:05:34Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39823"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fhzp-yggw-s7au"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357442?format=json","vulnerability_id":"VCID-hast-jk42-g3da","summary":"The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39817","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02728","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02738","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05005","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05011","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.05007","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39817"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39817","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39817"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/767520","reference_id":"767520","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:58:23Z/"}],"url":"https://go.dev/cl/767520"},{"reference_url":"https://go.dev/issue/78778","reference_id":"78778","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:58:23Z/"}],"url":"https://go.dev/issue/78778"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4979","reference_id":"GO-2026-4979","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:58:23Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4979"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:58:23Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39817"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hast-jk42-g3da"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357444?format=json","vulnerability_id":"VCID-juan-6myp-7ydh","summary":"ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function. For example, the query \"a1=x&a2=x&...&a10000=x&hidden=y\" can forward the parameter \"hidden=y\" while hiding it from the proxy's Rewrite function.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39825","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01911","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01912","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01687","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01883","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39825"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39825","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39825"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/770541","reference_id":"770541","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:46:43Z/"}],"url":"https://go.dev/cl/770541"},{"reference_url":"https://go.dev/issue/78948","reference_id":"78948","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:46:43Z/"}],"url":"https://go.dev/issue/78948"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4976","reference_id":"GO-2026-4976","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:46:43Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4976"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:46:43Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39825"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-juan-6myp-7ydh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357411?format=json","vulnerability_id":"VCID-m44c-grtm-kkfk","summary":"If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39826","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01937","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01938","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03262","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03273","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03267","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39826"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39826","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-39826"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/771180","reference_id":"771180","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:04:40Z/"}],"url":"https://go.dev/cl/771180"},{"reference_url":"https://go.dev/issue/78981","reference_id":"78981","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:04:40Z/"}],"url":"https://go.dev/issue/78981"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4980","reference_id":"GO-2026-4980","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:04:40Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4980"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:04:40Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39826"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m44c-grtm-kkfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357447?format=json","vulnerability_id":"VCID-r36g-6m47-g3f3","summary":"A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain line), the go command will download and execute a toolchain provided by the module proxy. A malicious module proxy can bypass checksum database validation for this downloaded toolchain. Since this vulnerability affects the security of toolchain downloads, setting GOTOOLCHAIN to a fixed version is not sufficient. You must upgrade your base Go toolchain. The go tool always validates the hash of a toolchain before executing it, so fixed versions will refuse to execute any cached, altered versions of the toolchain. The go tool trusts go.sum files to contain accurate hashes of the current module's dependencies. A malicious proxy exploiting this vulnerability to serve an altered module will have caused an incorrect hash to be recorded in the go.sum. Users who have configured a non-trusted GOPROXY can determine if they have been affected by running \"rm go.sum ; go mod tidy ; go mod verify\", which will revalidate all dependencies of the current module. The specific flaw in more detail: The go command consults the checksum database to validate downloaded modules, when a module is not listed in the go.sum file. It verifies that the module hash reported by the checksum database matches the hash of the downloaded module. If, however, the checksum database returns a successful response that contains no entry for the module, the go command incorrectly permitted validation to succeed. A module proxy may mirror or proxy the checksum database, in which case the go command will not connect to the checksum database directly. Checksums reported by the checksum database are cryptographically signed, so a malicious proxy cannot alter the reported checksum for a module. However, a proxy which returns an empty checksum response, or a checksum response for an unrelated module, could cause the go command to proceed as if a downloaded module has been validated.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42501","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02674","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02675","published_at":"2026-05-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00747","published_at":"2026-05-15T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00748","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-42501"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42501","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-42501"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/775321","reference_id":"775321","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T15:48:05Z/"}],"url":"https://go.dev/cl/775321"},{"reference_url":"https://go.dev/issue/79070","reference_id":"79070","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T15:48:05Z/"}],"url":"https://go.dev/issue/79070"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4984","reference_id":"GO-2026-4984","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T15:48:05Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4984"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-08T15:48:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-42501"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r36g-6m47-g3f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357421?format=json","vulnerability_id":"VCID-s3z8-q5kr-yfe7","summary":"When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33811","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04253","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0424","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04706","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04717","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04714","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33811"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/767860","reference_id":"767860","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:25:39Z/"}],"url":"https://go.dev/cl/767860"},{"reference_url":"https://go.dev/issue/78803","reference_id":"78803","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:25:39Z/"}],"url":"https://go.dev/issue/78803"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4981","reference_id":"GO-2026-4981","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:25:39Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4981"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T14:25:39Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-33811"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3z8-q5kr-yfe7"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350595?format=json","vulnerability_id":"VCID-245f-jhkn-w3ck","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32281","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04595","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04775","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04731","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04693","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04696","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0467","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04457","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04636","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05451","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05446","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05443","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05503","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00447","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333","reference_id":"2456333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333"},{"reference_url":"https://go.dev/cl/758061","reference_id":"758061","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://go.dev/cl/758061"},{"reference_url":"https://go.dev/issue/78281","reference_id":"78281","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://go.dev/issue/78281"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4946","reference_id":"GO-2026-4946","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-32281"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-245f-jhkn-w3ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66649?format=json","vulnerability_id":"VCID-254d-pjst-c7hx","summary":"golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58186.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58186.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58186","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07821","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07774","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08778","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11272","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11167","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11125","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1106","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10995","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11132","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11202","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1117","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11213","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11267","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11221","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11276","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11253","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11089","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11098","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58186"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407250","reference_id":"2407250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407250"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709855","reference_id":"709855","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/"}],"url":"https://go.dev/cl/709855"},{"reference_url":"https://go.dev/issue/75672","reference_id":"75672","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/"}],"url":"https://go.dev/issue/75672"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4012","reference_id":"GO-2025-4012","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:24:44Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-58186"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-254d-pjst-c7hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66646?format=json","vulnerability_id":"VCID-3nqb-6mna-jyb4","summary":"net/textproto: Excessive CPU consumption in Reader.ReadResponse in net/textproto","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61724.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61724.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61724","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03387","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03374","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03403","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04314","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06075","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05659","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05839","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05886","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05899","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05988","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06048","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06062","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06067","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05699","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05726","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05705","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05698","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05691","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05648","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61724"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61724","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61724"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407257","reference_id":"2407257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407257"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709859","reference_id":"709859","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/"}],"url":"https://go.dev/cl/709859"},{"reference_url":"https://go.dev/issue/75716","reference_id":"75716","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/"}],"url":"https://go.dev/issue/75716"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4015","reference_id":"GO-2025-4015","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:06Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61724"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3nqb-6mna-jyb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64830?format=json","vulnerability_id":"VCID-5q9b-a7c4-1yht","summary":"golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61728.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61728","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0532","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0518","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05221","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05223","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05211","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05261","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05306","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05314","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05312","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05316","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05068","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05101","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05115","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0509","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05072","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05002","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05956","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05923","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61728"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917","reference_id":"1125917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434431","reference_id":"2434431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434431"},{"reference_url":"https://go.dev/cl/736713","reference_id":"736713","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:29:58Z/"}],"url":"https://go.dev/cl/736713"},{"reference_url":"https://go.dev/issue/77102","reference_id":"77102","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:29:58Z/"}],"url":"https://go.dev/issue/77102"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4342","reference_id":"GO-2026-4342","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:29:58Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10104","reference_id":"RHSA-2026:10104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10175","reference_id":"RHSA-2026:10175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12282","reference_id":"RHSA-2026:12282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14100","reference_id":"RHSA-2026:14100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14774","reference_id":"RHSA-2026:14774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15091","reference_id":"RHSA-2026:15091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17040","reference_id":"RHSA-2026:17040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2706","reference_id":"RHSA-2026:2706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2708","reference_id":"RHSA-2026:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2709","reference_id":"RHSA-2026:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2914","reference_id":"RHSA-2026:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2920","reference_id":"RHSA-2026:2920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3186","reference_id":"RHSA-2026:3186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3188","reference_id":"RHSA-2026:3188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3192","reference_id":"RHSA-2026:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3193","reference_id":"RHSA-2026:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3336","reference_id":"RHSA-2026:3336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3337","reference_id":"RHSA-2026:3337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3469","reference_id":"RHSA-2026:3469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3471","reference_id":"RHSA-2026:3471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3472","reference_id":"RHSA-2026:3472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3473","reference_id":"RHSA-2026:3473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3489","reference_id":"RHSA-2026:3489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3556","reference_id":"RHSA-2026:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3559","reference_id":"RHSA-2026:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3752","reference_id":"RHSA-2026:3752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3753","reference_id":"RHSA-2026:3753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3782","reference_id":"RHSA-2026:3782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3831","reference_id":"RHSA-2026:3831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3833","reference_id":"RHSA-2026:3833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3835","reference_id":"RHSA-2026:3835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3836","reference_id":"RHSA-2026:3836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3838","reference_id":"RHSA-2026:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3851","reference_id":"RHSA-2026:3851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3854","reference_id":"RHSA-2026:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3855","reference_id":"RHSA-2026:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3880","reference_id":"RHSA-2026:3880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3884","reference_id":"RHSA-2026:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4170","reference_id":"RHSA-2026:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4466","reference_id":"RHSA-2026:4466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4467","reference_id":"RHSA-2026:4467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4672","reference_id":"RHSA-2026:4672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4942","reference_id":"RHSA-2026:4942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5439","reference_id":"RHSA-2026:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5444","reference_id":"RHSA-2026:5444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5447","reference_id":"RHSA-2026:5447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5452","reference_id":"RHSA-2026:5452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5645","reference_id":"RHSA-2026:5645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5665","reference_id":"RHSA-2026:5665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5851","reference_id":"RHSA-2026:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5948","reference_id":"RHSA-2026:5948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5950","reference_id":"RHSA-2026:5950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5952","reference_id":"RHSA-2026:5952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6055","reference_id":"RHSA-2026:6055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6192","reference_id":"RHSA-2026:6192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6226","reference_id":"RHSA-2026:6226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6251","reference_id":"RHSA-2026:6251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6428","reference_id":"RHSA-2026:6428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6429","reference_id":"RHSA-2026:6429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6497","reference_id":"RHSA-2026:6497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6554","reference_id":"RHSA-2026:6554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6564","reference_id":"RHSA-2026:6564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6567","reference_id":"RHSA-2026:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6568","reference_id":"RHSA-2026:6568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7249","reference_id":"RHSA-2026:7249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7854","reference_id":"RHSA-2026:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8229","reference_id":"RHSA-2026:8229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8448","reference_id":"RHSA-2026:8448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8448"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","reference_id":"Vd2tYVM8eUc","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:29:58Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61728"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5q9b-a7c4-1yht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64344?format=json","vulnerability_id":"VCID-6a6z-bq7m-c3gf","summary":"crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27138","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05215","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05792","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05749","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05784","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05741","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08508","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08498","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09957","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10025","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09998","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10037","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0979","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09868","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09952","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445344","reference_id":"2445344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445344"},{"reference_url":"https://go.dev/cl/752183","reference_id":"752183","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://go.dev/cl/752183"},{"reference_url":"https://go.dev/issue/77953","reference_id":"77953","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://go.dev/issue/77953"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4600","reference_id":"GO-2026-4600","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923851?format=json","purl":"pkg:deb/debian/golang-1.25@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27138"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66645?format=json","vulnerability_id":"VCID-7n3z-vwk2-3ydr","summary":"crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58188.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58188.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58188","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00426","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00399","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00904","published_at":"2026-05-15T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0086","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00865","published_at":"2026-04-18T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00851","published_at":"2026-04-29T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00853","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00916","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00911","published_at":"2026-05-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00908","published_at":"2026-05-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00901","published_at":"2026-05-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00896","published_at":"2026-05-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00877","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00875","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00864","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00858","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58188"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407255","reference_id":"2407255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407255"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709853","reference_id":"709853","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/"}],"url":"https://go.dev/cl/709853"},{"reference_url":"https://go.dev/issue/75675","reference_id":"75675","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/"}],"url":"https://go.dev/issue/75675"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4013","reference_id":"GO-2025-4013","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:23:42Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-58188"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7n3z-vwk2-3ydr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64345?format=json","vulnerability_id":"VCID-8s5d-1byz-8fhz","summary":"html/template: URLs in meta content attribute actions are not escaped in html/template","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27142","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01407","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01258","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01411","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01414","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01263","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01426","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01436","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01424","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01421","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01551","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01552","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01555","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01562","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0153","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01545","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01996","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01993","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03399","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445351","reference_id":"2445351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445351"},{"reference_url":"https://go.dev/cl/752081","reference_id":"752081","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://go.dev/cl/752081"},{"reference_url":"https://go.dev/issue/77954","reference_id":"77954","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://go.dev/issue/77954"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4603","reference_id":"GO-2026-4603","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5192","reference_id":"RHSA-2026:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27142"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s5d-1byz-8fhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350598?format=json","vulnerability_id":"VCID-91yp-p6st-8ucd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00171","published_at":"2026-05-07T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00192","published_at":"2026-05-14T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00194","published_at":"2026-05-11T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00169","published_at":"2026-05-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00172","published_at":"2026-05-05T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00175","published_at":"2026-04-26T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00173","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00191","published_at":"2026-05-15T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0029","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00622","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00618","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00816","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00813","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456332","reference_id":"2456332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456332"},{"reference_url":"https://go.dev/cl/763766","reference_id":"763766","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/cl/763766"},{"reference_url":"https://go.dev/issue/78301","reference_id":"78301","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/issue/78301"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4869","reference_id":"GO-2026-4869","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-32288"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91yp-p6st-8ucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66392?format=json","vulnerability_id":"VCID-9ky3-s2vk-cuge","summary":"golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61727.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61727.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61727","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01439","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01379","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01377","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01386","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01391","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01374","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01365","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01458","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01467","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0147","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01479","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00393","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00389","published_at":"2026-05-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00399","published_at":"2026-05-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00404","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00397","published_at":"2026-05-09T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00739","published_at":"2026-05-15T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0074","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61727"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847","reference_id":"1121847","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848","reference_id":"1121848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418677","reference_id":"2418677","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418677"},{"reference_url":"https://go.dev/cl/723900","reference_id":"723900","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T22:06:13Z/"}],"url":"https://go.dev/cl/723900"},{"reference_url":"https://go.dev/issue/76442","reference_id":"76442","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T22:06:13Z/"}],"url":"https://go.dev/issue/76442"},{"reference_url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4","reference_id":"8FJoBkPddm4","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T22:06:13Z/"}],"url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4175","reference_id":"GO-2025-4175","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-03T22:06:13Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0990","reference_id":"RHSA-2026:0990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1042","reference_id":"RHSA-2026:1042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1168","reference_id":"RHSA-2026:1168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7070","reference_id":"RHSA-2026:7070","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61727"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ky3-s2vk-cuge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66651?format=json","vulnerability_id":"VCID-br2f-7ux9-hkhg","summary":"encoding/pem: Quadratic complexity when parsing some invalid inputs in encoding/pem","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61723.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61723.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61723","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07696","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07653","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07665","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09096","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11628","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1155","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1151","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11438","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11365","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.115","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11551","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11521","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1156","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11616","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11658","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11669","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11633","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11606","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11468","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.1147","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61723"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407252","reference_id":"2407252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407252"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709858","reference_id":"709858","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/"}],"url":"https://go.dev/cl/709858"},{"reference_url":"https://go.dev/issue/75676","reference_id":"75676","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/"}],"url":"https://go.dev/issue/75676"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4009","reference_id":"GO-2025-4009","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:35:15Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61723"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-br2f-7ux9-hkhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66652?format=json","vulnerability_id":"VCID-bv1f-bee8-cbek","summary":"net/mail: Excessive CPU consumption in ParseAddress in net/mail","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61725.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61725","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08103","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0806","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08055","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12235","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12197","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12161","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12048","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11963","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12099","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12157","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12139","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12163","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1223","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12231","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1228","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12288","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12251","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12103","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12106","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12218","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61725"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61725","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61725"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407249","reference_id":"2407249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407249"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709860","reference_id":"709860","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/"}],"url":"https://go.dev/cl/709860"},{"reference_url":"https://go.dev/issue/75680","reference_id":"75680","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/"}],"url":"https://go.dev/issue/75680"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4006","reference_id":"GO-2025-4006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:44:00Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61725"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv1f-bee8-cbek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64832?format=json","vulnerability_id":"VCID-csmt-e61b-tued","summary":"cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61731.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61731.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61731","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0124","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01126","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01116","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01241","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01245","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01251","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01244","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01239","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01236","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01232","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01231","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01242","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01138","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01144","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01129","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01124","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00856","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00855","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61731"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917","reference_id":"1125917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434433","reference_id":"2434433","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434433"},{"reference_url":"https://go.dev/cl/736711","reference_id":"736711","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:56Z/"}],"url":"https://go.dev/cl/736711"},{"reference_url":"https://go.dev/issue/77100","reference_id":"77100","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:56Z/"}],"url":"https://go.dev/issue/77100"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4339","reference_id":"GO-2026-4339","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:56Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12118","reference_id":"RHSA-2026:12118","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12282","reference_id":"RHSA-2026:12282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13736","reference_id":"RHSA-2026:13736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14100","reference_id":"RHSA-2026:14100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14774","reference_id":"RHSA-2026:14774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15091","reference_id":"RHSA-2026:15091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3556","reference_id":"RHSA-2026:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3559","reference_id":"RHSA-2026:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3855","reference_id":"RHSA-2026:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5133","reference_id":"RHSA-2026:5133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5907","reference_id":"RHSA-2026:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5941","reference_id":"RHSA-2026:5941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5942","reference_id":"RHSA-2026:5942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5943","reference_id":"RHSA-2026:5943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5944","reference_id":"RHSA-2026:5944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5948","reference_id":"RHSA-2026:5948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5950","reference_id":"RHSA-2026:5950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5952","reference_id":"RHSA-2026:5952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6949","reference_id":"RHSA-2026:6949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7833","reference_id":"RHSA-2026:7833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7834","reference_id":"RHSA-2026:7834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7834"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7876","reference_id":"RHSA-2026:7876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7877","reference_id":"RHSA-2026:7877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7878","reference_id":"RHSA-2026:7878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7879","reference_id":"RHSA-2026:7879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7883","reference_id":"RHSA-2026:7883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7883"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","reference_id":"Vd2tYVM8eUc","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:56Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61731"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csmt-e61b-tued"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64343?format=json","vulnerability_id":"VCID-czyb-wuf2-x7he","summary":"os: FileInfo can escape from a Root in golang os module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27139.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27139","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00209","published_at":"2026-04-02T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00266","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0021","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00268","published_at":"2026-04-07T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00265","published_at":"2026-04-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-12T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0026","published_at":"2026-04-18T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00642","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00621","published_at":"2026-05-14T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00619","published_at":"2026-05-15T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00645","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00646","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00638","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0063","published_at":"2026-05-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00625","published_at":"2026-05-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00716","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445335","reference_id":"2445335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445335"},{"reference_url":"https://go.dev/cl/749480","reference_id":"749480","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://go.dev/cl/749480"},{"reference_url":"https://go.dev/issue/77827","reference_id":"77827","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://go.dev/issue/77827"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4602","reference_id":"GO-2026-4602","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4602"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27139"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-czyb-wuf2-x7he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64682?format=json","vulnerability_id":"VCID-dp1t-v58b-43du","summary":"crypto/tls: Unexpected session resumption in crypto/tls","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68121.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68121.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68121","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04012","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03999","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04026","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04041","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04068","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04049","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04029","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04044","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04669","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04353","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04361","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04493","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0452","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04541","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04583","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04613","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04652","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04658","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0466","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04664","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68121","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68121"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917","reference_id":"1125917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437111","reference_id":"2437111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437111"},{"reference_url":"https://go.dev/cl/737700","reference_id":"737700","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/"}],"url":"https://go.dev/cl/737700"},{"reference_url":"https://go.dev/issue/77217","reference_id":"77217","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/"}],"url":"https://go.dev/issue/77217"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4337","reference_id":"GO-2026-4337","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4337"},{"reference_url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk","reference_id":"K09ubi9FQFk","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-20T16:05:03Z/"}],"url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10125","reference_id":"RHSA-2026:10125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11414","reference_id":"RHSA-2026:11414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11747","reference_id":"RHSA-2026:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12029","reference_id":"RHSA-2026:12029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12031","reference_id":"RHSA-2026:12031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12032","reference_id":"RHSA-2026:12032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12033","reference_id":"RHSA-2026:12033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12282","reference_id":"RHSA-2026:12282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13542","reference_id":"RHSA-2026:13542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13571","reference_id":"RHSA-2026:13571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14100","reference_id":"RHSA-2026:14100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14868","reference_id":"RHSA-2026:14868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14879","reference_id":"RHSA-2026:14879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16102","reference_id":"RHSA-2026:16102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16696","reference_id":"RHSA-2026:16696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17040","reference_id":"RHSA-2026:17040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17686","reference_id":"RHSA-2026:17686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2706","reference_id":"RHSA-2026:2706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2708","reference_id":"RHSA-2026:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2709","reference_id":"RHSA-2026:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2914","reference_id":"RHSA-2026:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2920","reference_id":"RHSA-2026:2920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3035","reference_id":"RHSA-2026:3035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3040","reference_id":"RHSA-2026:3040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3089","reference_id":"RHSA-2026:3089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3092","reference_id":"RHSA-2026:3092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3186","reference_id":"RHSA-2026:3186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3187","reference_id":"RHSA-2026:3187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3188","reference_id":"RHSA-2026:3188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3192","reference_id":"RHSA-2026:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3193","reference_id":"RHSA-2026:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3291","reference_id":"RHSA-2026:3291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3297","reference_id":"RHSA-2026:3297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3298","reference_id":"RHSA-2026:3298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3336","reference_id":"RHSA-2026:3336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3337","reference_id":"RHSA-2026:3337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3340","reference_id":"RHSA-2026:3340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3341","reference_id":"RHSA-2026:3341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3343","reference_id":"RHSA-2026:3343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3459","reference_id":"RHSA-2026:3459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3506","reference_id":"RHSA-2026:3506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3556","reference_id":"RHSA-2026:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3559","reference_id":"RHSA-2026:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3752","reference_id":"RHSA-2026:3752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3753","reference_id":"RHSA-2026:3753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3782","reference_id":"RHSA-2026:3782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3816","reference_id":"RHSA-2026:3816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3817","reference_id":"RHSA-2026:3817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3831","reference_id":"RHSA-2026:3831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3833","reference_id":"RHSA-2026:3833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3839","reference_id":"RHSA-2026:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3840","reference_id":"RHSA-2026:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3842","reference_id":"RHSA-2026:3842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3843","reference_id":"RHSA-2026:3843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3855","reference_id":"RHSA-2026:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3864","reference_id":"RHSA-2026:3864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3874","reference_id":"RHSA-2026:3874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3884","reference_id":"RHSA-2026:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3898","reference_id":"RHSA-2026:3898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3928","reference_id":"RHSA-2026:3928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3929","reference_id":"RHSA-2026:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3970","reference_id":"RHSA-2026:3970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3971","reference_id":"RHSA-2026:3971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3977","reference_id":"RHSA-2026:3977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3985","reference_id":"RHSA-2026:3985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3985"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4164","reference_id":"RHSA-2026:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4166","reference_id":"RHSA-2026:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4170","reference_id":"RHSA-2026:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4174","reference_id":"RHSA-2026:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4177","reference_id":"RHSA-2026:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4220","reference_id":"RHSA-2026:4220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4256","reference_id":"RHSA-2026:4256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4264","reference_id":"RHSA-2026:4264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4267","reference_id":"RHSA-2026:4267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4270","reference_id":"RHSA-2026:4270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4466","reference_id":"RHSA-2026:4466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4467","reference_id":"RHSA-2026:4467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4498","reference_id":"RHSA-2026:4498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4500","reference_id":"RHSA-2026:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4672","reference_id":"RHSA-2026:4672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4892","reference_id":"RHSA-2026:4892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4901","reference_id":"RHSA-2026:4901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4907","reference_id":"RHSA-2026:4907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4942","reference_id":"RHSA-2026:4942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4952","reference_id":"RHSA-2026:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5077","reference_id":"RHSA-2026:5077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5129","reference_id":"RHSA-2026:5129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5130","reference_id":"RHSA-2026:5130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5131","reference_id":"RHSA-2026:5131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5132","reference_id":"RHSA-2026:5132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5133","reference_id":"RHSA-2026:5133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5146","reference_id":"RHSA-2026:5146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5168","reference_id":"RHSA-2026:5168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5394","reference_id":"RHSA-2026:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5452","reference_id":"RHSA-2026:5452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5636","reference_id":"RHSA-2026:5636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5645","reference_id":"RHSA-2026:5645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5665","reference_id":"RHSA-2026:5665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5851","reference_id":"RHSA-2026:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5866","reference_id":"RHSA-2026:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5876","reference_id":"RHSA-2026:5876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5878","reference_id":"RHSA-2026:5878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5907","reference_id":"RHSA-2026:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5948","reference_id":"RHSA-2026:5948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5950","reference_id":"RHSA-2026:5950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5952","reference_id":"RHSA-2026:5952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6192","reference_id":"RHSA-2026:6192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6226","reference_id":"RHSA-2026:6226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6277","reference_id":"RHSA-2026:6277","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6278","reference_id":"RHSA-2026:6278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6428","reference_id":"RHSA-2026:6428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6429","reference_id":"RHSA-2026:6429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6497","reference_id":"RHSA-2026:6497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6552","reference_id":"RHSA-2026:6552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6567","reference_id":"RHSA-2026:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6568","reference_id":"RHSA-2026:6568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7052","reference_id":"RHSA-2026:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7854","reference_id":"RHSA-2026:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7885","reference_id":"RHSA-2026:7885","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8218","reference_id":"RHSA-2026:8218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8483","reference_id":"RHSA-2026:8483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9097","reference_id":"RHSA-2026:9097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9098","reference_id":"RHSA-2026:9098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9108","reference_id":"RHSA-2026:9108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9109","reference_id":"RHSA-2026:9109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9848","reference_id":"RHSA-2026:9848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9848"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-68121"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dp1t-v58b-43du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64831?format=json","vulnerability_id":"VCID-dtt9-gmqf-nbaf","summary":"golang: net/url: Memory exhaustion in query parameter parsing in net/url","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61726.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61726.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61726","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09374","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09324","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10073","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0993","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09896","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09854","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09771","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09939","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10007","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09979","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10019","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.1008","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0981","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09883","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09935","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09948","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0991","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09889","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09772","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09744","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61726"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61726","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61726"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917","reference_id":"1125917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434432","reference_id":"2434432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434432"},{"reference_url":"https://go.dev/cl/736712","reference_id":"736712","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:31:39Z/"}],"url":"https://go.dev/cl/736712"},{"reference_url":"https://go.dev/issue/77101","reference_id":"77101","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:31:39Z/"}],"url":"https://go.dev/issue/77101"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4341","reference_id":"GO-2026-4341","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:31:39Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10096","reference_id":"RHSA-2026:10096","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10104","reference_id":"RHSA-2026:10104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11414","reference_id":"RHSA-2026:11414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11414"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11747","reference_id":"RHSA-2026:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12029","reference_id":"RHSA-2026:12029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12031","reference_id":"RHSA-2026:12031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12032","reference_id":"RHSA-2026:12032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12033","reference_id":"RHSA-2026:12033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12279","reference_id":"RHSA-2026:12279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12279"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12282","reference_id":"RHSA-2026:12282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13542","reference_id":"RHSA-2026:13542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13548","reference_id":"RHSA-2026:13548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13571","reference_id":"RHSA-2026:13571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14100","reference_id":"RHSA-2026:14100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14774","reference_id":"RHSA-2026:14774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14868","reference_id":"RHSA-2026:14868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14879","reference_id":"RHSA-2026:14879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15091","reference_id":"RHSA-2026:15091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15984","reference_id":"RHSA-2026:15984","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15984"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16102","reference_id":"RHSA-2026:16102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16696","reference_id":"RHSA-2026:16696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17040","reference_id":"RHSA-2026:17040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17460","reference_id":"RHSA-2026:17460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17463","reference_id":"RHSA-2026:17463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2681","reference_id":"RHSA-2026:2681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2706","reference_id":"RHSA-2026:2706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2708","reference_id":"RHSA-2026:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2709","reference_id":"RHSA-2026:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2754","reference_id":"RHSA-2026:2754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2844","reference_id":"RHSA-2026:2844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2914","reference_id":"RHSA-2026:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2920","reference_id":"RHSA-2026:2920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3035","reference_id":"RHSA-2026:3035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3040","reference_id":"RHSA-2026:3040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3089","reference_id":"RHSA-2026:3089","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3089"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3092","reference_id":"RHSA-2026:3092","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3092"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3184","reference_id":"RHSA-2026:3184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3186","reference_id":"RHSA-2026:3186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3187","reference_id":"RHSA-2026:3187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3187"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3188","reference_id":"RHSA-2026:3188","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3188"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3192","reference_id":"RHSA-2026:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3193","reference_id":"RHSA-2026:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3291","reference_id":"RHSA-2026:3291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3296","reference_id":"RHSA-2026:3296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3297","reference_id":"RHSA-2026:3297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3298","reference_id":"RHSA-2026:3298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3336","reference_id":"RHSA-2026:3336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3337","reference_id":"RHSA-2026:3337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3340","reference_id":"RHSA-2026:3340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3341","reference_id":"RHSA-2026:3341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3343","reference_id":"RHSA-2026:3343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3391","reference_id":"RHSA-2026:3391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3416","reference_id":"RHSA-2026:3416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3427","reference_id":"RHSA-2026:3427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3459","reference_id":"RHSA-2026:3459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3468","reference_id":"RHSA-2026:3468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3469","reference_id":"RHSA-2026:3469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3470","reference_id":"RHSA-2026:3470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3471","reference_id":"RHSA-2026:3471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3472","reference_id":"RHSA-2026:3472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3473","reference_id":"RHSA-2026:3473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3489","reference_id":"RHSA-2026:3489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3506","reference_id":"RHSA-2026:3506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3556","reference_id":"RHSA-2026:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3559","reference_id":"RHSA-2026:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3668","reference_id":"RHSA-2026:3668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3669","reference_id":"RHSA-2026:3669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3699","reference_id":"RHSA-2026:3699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3713","reference_id":"RHSA-2026:3713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3752","reference_id":"RHSA-2026:3752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3753","reference_id":"RHSA-2026:3753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3782","reference_id":"RHSA-2026:3782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3812","reference_id":"RHSA-2026:3812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3813","reference_id":"RHSA-2026:3813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3814","reference_id":"RHSA-2026:3814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3815","reference_id":"RHSA-2026:3815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3816","reference_id":"RHSA-2026:3816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3817","reference_id":"RHSA-2026:3817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3818","reference_id":"RHSA-2026:3818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3820","reference_id":"RHSA-2026:3820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3821","reference_id":"RHSA-2026:3821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3822","reference_id":"RHSA-2026:3822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3831","reference_id":"RHSA-2026:3831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3833","reference_id":"RHSA-2026:3833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3835","reference_id":"RHSA-2026:3835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3836","reference_id":"RHSA-2026:3836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3838","reference_id":"RHSA-2026:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3839","reference_id":"RHSA-2026:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3840","reference_id":"RHSA-2026:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3841","reference_id":"RHSA-2026:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3843","reference_id":"RHSA-2026:3843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3854","reference_id":"RHSA-2026:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3855","reference_id":"RHSA-2026:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3856","reference_id":"RHSA-2026:3856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3864","reference_id":"RHSA-2026:3864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3869","reference_id":"RHSA-2026:3869","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3874","reference_id":"RHSA-2026:3874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3875","reference_id":"RHSA-2026:3875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3879","reference_id":"RHSA-2026:3879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3880","reference_id":"RHSA-2026:3880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3884","reference_id":"RHSA-2026:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3898","reference_id":"RHSA-2026:3898","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3898"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3905","reference_id":"RHSA-2026:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3906","reference_id":"RHSA-2026:3906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3928","reference_id":"RHSA-2026:3928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3929","reference_id":"RHSA-2026:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3930","reference_id":"RHSA-2026:3930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3931","reference_id":"RHSA-2026:3931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3932","reference_id":"RHSA-2026:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3958","reference_id":"RHSA-2026:3958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3959","reference_id":"RHSA-2026:3959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3960","reference_id":"RHSA-2026:3960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3970","reference_id":"RHSA-2026:3970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3971","reference_id":"RHSA-2026:3971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3972","reference_id":"RHSA-2026:3972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3973","reference_id":"RHSA-2026:3973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3974","reference_id":"RHSA-2026:3974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3977","reference_id":"RHSA-2026:3977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3985","reference_id":"RHSA-2026:3985","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3985"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4164","reference_id":"RHSA-2026:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4166","reference_id":"RHSA-2026:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4170","reference_id":"RHSA-2026:4170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4174","reference_id":"RHSA-2026:4174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4177","reference_id":"RHSA-2026:4177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4211","reference_id":"RHSA-2026:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4220","reference_id":"RHSA-2026:4220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4256","reference_id":"RHSA-2026:4256","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4256"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4264","reference_id":"RHSA-2026:4264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4267","reference_id":"RHSA-2026:4267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4270","reference_id":"RHSA-2026:4270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4276","reference_id":"RHSA-2026:4276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4435","reference_id":"RHSA-2026:4435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4460","reference_id":"RHSA-2026:4460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4466","reference_id":"RHSA-2026:4466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4467","reference_id":"RHSA-2026:4467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4498","reference_id":"RHSA-2026:4498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4500","reference_id":"RHSA-2026:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4510","reference_id":"RHSA-2026:4510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4511","reference_id":"RHSA-2026:4511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4672","reference_id":"RHSA-2026:4672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4753","reference_id":"RHSA-2026:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4892","reference_id":"RHSA-2026:4892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4901","reference_id":"RHSA-2026:4901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4907","reference_id":"RHSA-2026:4907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4939","reference_id":"RHSA-2026:4939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4942","reference_id":"RHSA-2026:4942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4943","reference_id":"RHSA-2026:4943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4952","reference_id":"RHSA-2026:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5022","reference_id":"RHSA-2026:5022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5030","reference_id":"RHSA-2026:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5031","reference_id":"RHSA-2026:5031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5076","reference_id":"RHSA-2026:5076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5077","reference_id":"RHSA-2026:5077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5078","reference_id":"RHSA-2026:5078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5079","reference_id":"RHSA-2026:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5129","reference_id":"RHSA-2026:5129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5130","reference_id":"RHSA-2026:5130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5131","reference_id":"RHSA-2026:5131","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5131"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5132","reference_id":"RHSA-2026:5132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5145","reference_id":"RHSA-2026:5145","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5145"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5146","reference_id":"RHSA-2026:5146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5168","reference_id":"RHSA-2026:5168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5327","reference_id":"RHSA-2026:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5394","reference_id":"RHSA-2026:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5439","reference_id":"RHSA-2026:5439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5444","reference_id":"RHSA-2026:5444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5447","reference_id":"RHSA-2026:5447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5452","reference_id":"RHSA-2026:5452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5452"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5461","reference_id":"RHSA-2026:5461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5463","reference_id":"RHSA-2026:5463","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5533","reference_id":"RHSA-2026:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5544","reference_id":"RHSA-2026:5544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5636","reference_id":"RHSA-2026:5636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5645","reference_id":"RHSA-2026:5645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5649","reference_id":"RHSA-2026:5649","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5665","reference_id":"RHSA-2026:5665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5807","reference_id":"RHSA-2026:5807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5851","reference_id":"RHSA-2026:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5852","reference_id":"RHSA-2026:5852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5853","reference_id":"RHSA-2026:5853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5948","reference_id":"RHSA-2026:5948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5950","reference_id":"RHSA-2026:5950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5952","reference_id":"RHSA-2026:5952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6184","reference_id":"RHSA-2026:6184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6192","reference_id":"RHSA-2026:6192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6226","reference_id":"RHSA-2026:6226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6251","reference_id":"RHSA-2026:6251","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6251"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6277","reference_id":"RHSA-2026:6277","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6277"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6278","reference_id":"RHSA-2026:6278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6428","reference_id":"RHSA-2026:6428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6429","reference_id":"RHSA-2026:6429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6497","reference_id":"RHSA-2026:6497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6554","reference_id":"RHSA-2026:6554","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6554"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6564","reference_id":"RHSA-2026:6564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6567","reference_id":"RHSA-2026:6567","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6567"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6568","reference_id":"RHSA-2026:6568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7052","reference_id":"RHSA-2026:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7249","reference_id":"RHSA-2026:7249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7676","reference_id":"RHSA-2026:7676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7854","reference_id":"RHSA-2026:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7942","reference_id":"RHSA-2026:7942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8218","reference_id":"RHSA-2026:8218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8229","reference_id":"RHSA-2026:8229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8431","reference_id":"RHSA-2026:8431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8483","reference_id":"RHSA-2026:8483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9097","reference_id":"RHSA-2026:9097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9098","reference_id":"RHSA-2026:9098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9108","reference_id":"RHSA-2026:9108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9109","reference_id":"RHSA-2026:9109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9848","reference_id":"RHSA-2026:9848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9848"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","reference_id":"Vd2tYVM8eUc","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-29T18:31:39Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61726"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtt9-gmqf-nbaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64685?format=json","vulnerability_id":"VCID-eyev-qpgs-hfbx","summary":"cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61732.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61732.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61732","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00386","published_at":"2026-04-04T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0037","published_at":"2026-04-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00374","published_at":"2026-04-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00371","published_at":"2026-04-08T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00372","published_at":"2026-04-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00367","published_at":"2026-04-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00365","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00621","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0063","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00624","published_at":"2026-04-29T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00627","published_at":"2026-05-07T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00615","published_at":"2026-05-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00611","published_at":"2026-05-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00623","published_at":"2026-05-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00614","published_at":"2026-05-14T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00613","published_at":"2026-05-15T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00522","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00526","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61732"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127436","reference_id":"1127436","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127436"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437016","reference_id":"2437016","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437016"},{"reference_url":"https://go.dev/cl/734220","reference_id":"734220","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-05T14:56:35Z/"}],"url":"https://go.dev/cl/734220"},{"reference_url":"https://go.dev/issue/76697","reference_id":"76697","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-05T14:56:35Z/"}],"url":"https://go.dev/issue/76697"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4433","reference_id":"GO-2026-4433","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-05T14:56:35Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4433"},{"reference_url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk","reference_id":"K09ubi9FQFk","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-05T14:56:35Z/"}],"url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10104","reference_id":"RHSA-2026:10104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12282","reference_id":"RHSA-2026:12282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14100","reference_id":"RHSA-2026:14100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14774","reference_id":"RHSA-2026:14774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15091","reference_id":"RHSA-2026:15091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2706","reference_id":"RHSA-2026:2706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2708","reference_id":"RHSA-2026:2708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2708"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2709","reference_id":"RHSA-2026:2709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2844","reference_id":"RHSA-2026:2844","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3192","reference_id":"RHSA-2026:3192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3193","reference_id":"RHSA-2026:3193","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3193"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3468","reference_id":"RHSA-2026:3468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3468"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3469","reference_id":"RHSA-2026:3469","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3469"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3470","reference_id":"RHSA-2026:3470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3471","reference_id":"RHSA-2026:3471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3472","reference_id":"RHSA-2026:3472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3473","reference_id":"RHSA-2026:3473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3489","reference_id":"RHSA-2026:3489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3556","reference_id":"RHSA-2026:3556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3559","reference_id":"RHSA-2026:3559","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3559"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3855","reference_id":"RHSA-2026:3855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5133","reference_id":"RHSA-2026:5133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5907","reference_id":"RHSA-2026:5907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5948","reference_id":"RHSA-2026:5948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5950","reference_id":"RHSA-2026:5950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5952","reference_id":"RHSA-2026:5952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8448","reference_id":"RHSA-2026:8448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8448"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923850?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.7-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.7-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61732"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyev-qpgs-hfbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350604?format=json","vulnerability_id":"VCID-gtys-5r5h-p7ht","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01404","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0139","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01393","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.014","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01409","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01216","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01389","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01708","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01702","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01703","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01694","published_at":"2026-05-12T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00211","published_at":"2026-04-13T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00276","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00274","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00212","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00967","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335","reference_id":"2456335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335"},{"reference_url":"https://go.dev/cl/763763","reference_id":"763763","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/cl/763763"},{"reference_url":"https://go.dev/issue/78332","reference_id":"78332","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/issue/78332"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4866","reference_id":"GO-2026-4866","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10155","reference_id":"RHSA-2026:10155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11330","reference_id":"RHSA-2026:11330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923851?format=json","purl":"pkg:deb/debian/golang-1.25@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-33810"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gtys-5r5h-p7ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66412?format=json","vulnerability_id":"VCID-hay4-q9m3-ekdj","summary":"crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61729.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61729.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61729","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01544","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01528","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01529","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01538","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04243","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04215","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04231","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0591","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06181","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06153","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06307","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06325","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06351","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06363","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06124","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06166","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06204","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0619","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06141","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61729"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847","reference_id":"1121847","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121847"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848","reference_id":"1121848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121848"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418462","reference_id":"2418462","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418462"},{"reference_url":"https://go.dev/cl/725920","reference_id":"725920","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://go.dev/cl/725920"},{"reference_url":"https://go.dev/issue/76445","reference_id":"76445","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://go.dev/issue/76445"},{"reference_url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4","reference_id":"8FJoBkPddm4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4155","reference_id":"GO-2025-4155","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:52:36Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0921","reference_id":"RHSA-2026:0921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0922","reference_id":"RHSA-2026:0922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0923","reference_id":"RHSA-2026:0923","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0923"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0981","reference_id":"RHSA-2026:0981","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0990","reference_id":"RHSA-2026:0990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0990"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1018","reference_id":"RHSA-2026:1018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1038","reference_id":"RHSA-2026:1038","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1042","reference_id":"RHSA-2026:1042","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10698","reference_id":"RHSA-2026:10698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1166","reference_id":"RHSA-2026:1166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1168","reference_id":"RHSA-2026:1168","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1168"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12029","reference_id":"RHSA-2026:12029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12031","reference_id":"RHSA-2026:12031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12032","reference_id":"RHSA-2026:12032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12033","reference_id":"RHSA-2026:12033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12279","reference_id":"RHSA-2026:12279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12279"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1249","reference_id":"RHSA-2026:1249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1344","reference_id":"RHSA-2026:1344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13542","reference_id":"RHSA-2026:13542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13571","reference_id":"RHSA-2026:13571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1416","reference_id":"RHSA-2026:1416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1431","reference_id":"RHSA-2026:1431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14868","reference_id":"RHSA-2026:14868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1497","reference_id":"RHSA-2026:1497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1506","reference_id":"RHSA-2026:1506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1517","reference_id":"RHSA-2026:1517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1518","reference_id":"RHSA-2026:1518","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15979","reference_id":"RHSA-2026:15979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15979"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16102","reference_id":"RHSA-2026:16102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16696","reference_id":"RHSA-2026:16696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17040","reference_id":"RHSA-2026:17040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1715","reference_id":"RHSA-2026:1715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17547","reference_id":"RHSA-2026:17547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17547"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17550","reference_id":"RHSA-2026:17550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1813","reference_id":"RHSA-2026:1813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1814","reference_id":"RHSA-2026:1814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1845","reference_id":"RHSA-2026:1845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1896","reference_id":"RHSA-2026:1896","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1907","reference_id":"RHSA-2026:1907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1908","reference_id":"RHSA-2026:1908","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1908"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1938","reference_id":"RHSA-2026:1938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1942","reference_id":"RHSA-2026:1942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2123","reference_id":"RHSA-2026:2123","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2123"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2124","reference_id":"RHSA-2026:2124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2124"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2133","reference_id":"RHSA-2026:2133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2136","reference_id":"RHSA-2026:2136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2138","reference_id":"RHSA-2026:2138","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2138"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2144","reference_id":"RHSA-2026:2144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2146","reference_id":"RHSA-2026:2146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2147","reference_id":"RHSA-2026:2147","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2147"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2148","reference_id":"RHSA-2026:2148","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2149","reference_id":"RHSA-2026:2149","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2149"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2201","reference_id":"RHSA-2026:2201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2217","reference_id":"RHSA-2026:2217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2218","reference_id":"RHSA-2026:2218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2219","reference_id":"RHSA-2026:2219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2223","reference_id":"RHSA-2026:2223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2223"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2265","reference_id":"RHSA-2026:2265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2320","reference_id":"RHSA-2026:2320","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2323","reference_id":"RHSA-2026:2323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2334","reference_id":"RHSA-2026:2334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2343","reference_id":"RHSA-2026:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2367","reference_id":"RHSA-2026:2367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2371","reference_id":"RHSA-2026:2371","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2374","reference_id":"RHSA-2026:2374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2375","reference_id":"RHSA-2026:2375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2376","reference_id":"RHSA-2026:2376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2441","reference_id":"RHSA-2026:2441","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2441"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2454","reference_id":"RHSA-2026:2454","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2454"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2456","reference_id":"RHSA-2026:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2571","reference_id":"RHSA-2026:2571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2654","reference_id":"RHSA-2026:2654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2675","reference_id":"RHSA-2026:2675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2681","reference_id":"RHSA-2026:2681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2754","reference_id":"RHSA-2026:2754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2762","reference_id":"RHSA-2026:2762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2762"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2914","reference_id":"RHSA-2026:2914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2920","reference_id":"RHSA-2026:2920","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2920"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2921","reference_id":"RHSA-2026:2921","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2921"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2922","reference_id":"RHSA-2026:2922","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2926","reference_id":"RHSA-2026:2926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2926"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2927","reference_id":"RHSA-2026:2927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2951","reference_id":"RHSA-2026:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3035","reference_id":"RHSA-2026:3035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3040","reference_id":"RHSA-2026:3040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3053","reference_id":"RHSA-2026:3053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3087","reference_id":"RHSA-2026:3087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3104","reference_id":"RHSA-2026:3104","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3104"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3107","reference_id":"RHSA-2026:3107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3108","reference_id":"RHSA-2026:3108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3111","reference_id":"RHSA-2026:3111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3184","reference_id":"RHSA-2026:3184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3287","reference_id":"RHSA-2026:3287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3288","reference_id":"RHSA-2026:3288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3288"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3289","reference_id":"RHSA-2026:3289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3291","reference_id":"RHSA-2026:3291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3296","reference_id":"RHSA-2026:3296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3297","reference_id":"RHSA-2026:3297","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3297"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3298","reference_id":"RHSA-2026:3298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3336","reference_id":"RHSA-2026:3336","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3336"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3337","reference_id":"RHSA-2026:3337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3340","reference_id":"RHSA-2026:3340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3341","reference_id":"RHSA-2026:3341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3343","reference_id":"RHSA-2026:3343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3428","reference_id":"RHSA-2026:3428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3459","reference_id":"RHSA-2026:3459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3506","reference_id":"RHSA-2026:3506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3713","reference_id":"RHSA-2026:3713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3752","reference_id":"RHSA-2026:3752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3753","reference_id":"RHSA-2026:3753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3782","reference_id":"RHSA-2026:3782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3812","reference_id":"RHSA-2026:3812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3815","reference_id":"RHSA-2026:3815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3816","reference_id":"RHSA-2026:3816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3817","reference_id":"RHSA-2026:3817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3818","reference_id":"RHSA-2026:3818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3820","reference_id":"RHSA-2026:3820","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3821","reference_id":"RHSA-2026:3821","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3821"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3822","reference_id":"RHSA-2026:3822","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3827","reference_id":"RHSA-2026:3827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3831","reference_id":"RHSA-2026:3831","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3831"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3833","reference_id":"RHSA-2026:3833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3835","reference_id":"RHSA-2026:3835","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3835"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3836","reference_id":"RHSA-2026:3836","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3836"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3838","reference_id":"RHSA-2026:3838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3839","reference_id":"RHSA-2026:3839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3840","reference_id":"RHSA-2026:3840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3841","reference_id":"RHSA-2026:3841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3843","reference_id":"RHSA-2026:3843","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3843"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3854","reference_id":"RHSA-2026:3854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3864","reference_id":"RHSA-2026:3864","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3879","reference_id":"RHSA-2026:3879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3880","reference_id":"RHSA-2026:3880","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3884","reference_id":"RHSA-2026:3884","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3884"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3905","reference_id":"RHSA-2026:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3928","reference_id":"RHSA-2026:3928","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3928"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3929","reference_id":"RHSA-2026:3929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3930","reference_id":"RHSA-2026:3930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3931","reference_id":"RHSA-2026:3931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3932","reference_id":"RHSA-2026:3932","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3932"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3970","reference_id":"RHSA-2026:3970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3970"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3971","reference_id":"RHSA-2026:3971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3972","reference_id":"RHSA-2026:3972","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3972"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3973","reference_id":"RHSA-2026:3973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3974","reference_id":"RHSA-2026:3974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4164","reference_id":"RHSA-2026:4164","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4166","reference_id":"RHSA-2026:4166","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4185","reference_id":"RHSA-2026:4185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4211","reference_id":"RHSA-2026:4211","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4211"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4270","reference_id":"RHSA-2026:4270","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4270"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4276","reference_id":"RHSA-2026:4276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4464","reference_id":"RHSA-2026:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4466","reference_id":"RHSA-2026:4466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4466"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4467","reference_id":"RHSA-2026:4467","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4467"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4498","reference_id":"RHSA-2026:4498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4500","reference_id":"RHSA-2026:4500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4510","reference_id":"RHSA-2026:4510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4753","reference_id":"RHSA-2026:4753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4892","reference_id":"RHSA-2026:4892","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4901","reference_id":"RHSA-2026:4901","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4907","reference_id":"RHSA-2026:4907","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4907"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4936","reference_id":"RHSA-2026:4936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4939","reference_id":"RHSA-2026:4939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4942","reference_id":"RHSA-2026:4942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4952","reference_id":"RHSA-2026:4952","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4952"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5022","reference_id":"RHSA-2026:5022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5030","reference_id":"RHSA-2026:5030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5031","reference_id":"RHSA-2026:5031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5076","reference_id":"RHSA-2026:5076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5077","reference_id":"RHSA-2026:5077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5078","reference_id":"RHSA-2026:5078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5079","reference_id":"RHSA-2026:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5146","reference_id":"RHSA-2026:5146","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5327","reference_id":"RHSA-2026:5327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5394","reference_id":"RHSA-2026:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5461","reference_id":"RHSA-2026:5461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5533","reference_id":"RHSA-2026:5533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5544","reference_id":"RHSA-2026:5544","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5636","reference_id":"RHSA-2026:5636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5645","reference_id":"RHSA-2026:5645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5807","reference_id":"RHSA-2026:5807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5851","reference_id":"RHSA-2026:5851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5852","reference_id":"RHSA-2026:5852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5853","reference_id":"RHSA-2026:5853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5866","reference_id":"RHSA-2026:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6184","reference_id":"RHSA-2026:6184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6192","reference_id":"RHSA-2026:6192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6192"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6226","reference_id":"RHSA-2026:6226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6428","reference_id":"RHSA-2026:6428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6568","reference_id":"RHSA-2026:6568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7052","reference_id":"RHSA-2026:7052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7676","reference_id":"RHSA-2026:7676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7854","reference_id":"RHSA-2026:7854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7854"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7942","reference_id":"RHSA-2026:7942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8218","reference_id":"RHSA-2026:8218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9097","reference_id":"RHSA-2026:9097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9098","reference_id":"RHSA-2026:9098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9108","reference_id":"RHSA-2026:9108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9109","reference_id":"RHSA-2026:9109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9848","reference_id":"RHSA-2026:9848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9848"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61729"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hay4-q9m3-ekdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/357445?format=json","vulnerability_id":"VCID-hzsm-8a8e-xyeu","summary":"The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39836","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04714","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04706","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04717","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05558","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05555","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-39836"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/775320","reference_id":"775320","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/"}],"url":"https://go.dev/cl/775320"},{"reference_url":"https://go.dev/issue/79006","reference_id":"79006","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/"}],"url":"https://go.dev/issue/79006"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4971","reference_id":"GO-2026-4971","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4971"},{"reference_url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M","reference_id":"qcCIEXso47M","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-08T16:36:25Z/"}],"url":"https://groups.google.com/g/golang-announce/c/qcCIEXso47M"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923851?format=json","purl":"pkg:deb/debian/golang-1.25@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-39836"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hzsm-8a8e-xyeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96840?format=json","vulnerability_id":"VCID-je6z-v5qw-ufew","summary":"During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61730.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61730.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61730","reference_id":"","reference_type":"","scores":[{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00783","published_at":"2026-04-04T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00781","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00824","published_at":"2026-04-18T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00871","published_at":"2026-04-24T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00874","published_at":"2026-04-26T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00872","published_at":"2026-04-29T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00873","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00867","published_at":"2026-05-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00862","published_at":"2026-05-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00857","published_at":"2026-05-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00851","published_at":"2026-05-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00858","published_at":"2026-05-15T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00834","published_at":"2026-04-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00839","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00835","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00818","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0082","published_at":"2026-04-13T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00819","published_at":"2026-04-16T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00869","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-61730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-61730"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917","reference_id":"1125917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434430","reference_id":"2434430","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434430"},{"reference_url":"https://go.dev/cl/724120","reference_id":"724120","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:28:46Z/"}],"url":"https://go.dev/cl/724120"},{"reference_url":"https://go.dev/issue/76443","reference_id":"76443","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:28:46Z/"}],"url":"https://go.dev/issue/76443"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4340","reference_id":"GO-2026-4340","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:28:46Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","reference_id":"Vd2tYVM8eUc","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-02T17:28:46Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-61730"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-je6z-v5qw-ufew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350579?format=json","vulnerability_id":"VCID-ju53-xpej-3qca","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02722","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02801","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02765","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02748","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02776","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02635","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02746","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02735","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03451","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03512","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03495","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03458","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05345","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00655","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00646","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00649","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00644","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341","reference_id":"2456341","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341"},{"reference_url":"https://go.dev/cl/763768","reference_id":"763768","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/cl/763768"},{"reference_url":"https://go.dev/issue/78335","reference_id":"78335","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/issue/78335"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4871","reference_id":"GO-2026-4871","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16494","reference_id":"RHSA-2026:16494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16497","reference_id":"RHSA-2026:16497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16498","reference_id":"RHSA-2026:16498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16694","reference_id":"RHSA-2026:16694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16697","reference_id":"RHSA-2026:16697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16698","reference_id":"RHSA-2026:16698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16698"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27140"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju53-xpej-3qca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67452?format=json","vulnerability_id":"VCID-kjf2-r6zt-zqg9","summary":"net/http: CrossOriginProtection bypass in net/http","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47910.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47910.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47910","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01527","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01211","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.012","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01186","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01549","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01536","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0153","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01523","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01521","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01518","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01529","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01195","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01204","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0174","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01641","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01734","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02183","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47910"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116341","reference_id":"1116341","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116341"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397528","reference_id":"2397528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2397528"},{"reference_url":"https://go.dev/cl/699275","reference_id":"699275","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/"}],"url":"https://go.dev/cl/699275"},{"reference_url":"https://go.dev/issue/75054","reference_id":"75054","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/"}],"url":"https://go.dev/issue/75054"},{"reference_url":"https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ","reference_id":"DJhMQ-m5AQAJ","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/"}],"url":"https://groups.google.com/g/golang-announce/c/PtW9VW21NPs/m/DJhMQ-m5AQAJ"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-3955","reference_id":"GO-2025-3955","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-24T13:29:38Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-3955"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923847?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.1-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-47910"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kjf2-r6zt-zqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66647?format=json","vulnerability_id":"VCID-mvsr-c2yh-mbdq","summary":"golang: archive/tar: Unbounded allocation when parsing GNU sparse map","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58183.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58183","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01864","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04195","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03952","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03932","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03945","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04081","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04099","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04093","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04121","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0416","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04162","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04166","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04183","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0401","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04028","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03998","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.03982","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04898","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04813","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58183"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407258","reference_id":"2407258","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407258"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709861","reference_id":"709861","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/"}],"url":"https://go.dev/cl/709861"},{"reference_url":"https://go.dev/issue/75677","reference_id":"75677","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/"}],"url":"https://go.dev/issue/75677"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4014","reference_id":"GO-2025-4014","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:22:41Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21778","reference_id":"RHSA-2025:21778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21779","reference_id":"RHSA-2025:21779","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21779"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21815","reference_id":"RHSA-2025:21815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21816","reference_id":"RHSA-2025:21816","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21856","reference_id":"RHSA-2025:21856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21964","reference_id":"RHSA-2025:21964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22011","reference_id":"RHSA-2025:22011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22012","reference_id":"RHSA-2025:22012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22030","reference_id":"RHSA-2025:22030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22181","reference_id":"RHSA-2025:22181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22255","reference_id":"RHSA-2025:22255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22255"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22345","reference_id":"RHSA-2025:22345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22668","reference_id":"RHSA-2025:22668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22738","reference_id":"RHSA-2025:22738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22743","reference_id":"RHSA-2025:22743","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22743"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22759","reference_id":"RHSA-2025:22759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22899","reference_id":"RHSA-2025:22899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23001","reference_id":"RHSA-2025:23001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23002","reference_id":"RHSA-2025:23002","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23002"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23087","reference_id":"RHSA-2025:23087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23087"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23088","reference_id":"RHSA-2025:23088","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23088"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23294","reference_id":"RHSA-2025:23294","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23295","reference_id":"RHSA-2025:23295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23295"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23325","reference_id":"RHSA-2025:23325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23326","reference_id":"RHSA-2025:23326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23347","reference_id":"RHSA-2025:23347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23348","reference_id":"RHSA-2025:23348","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23374","reference_id":"RHSA-2025:23374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23394","reference_id":"RHSA-2025:23394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23421","reference_id":"RHSA-2025:23421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23546","reference_id":"RHSA-2025:23546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23733","reference_id":"RHSA-2025:23733","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23733"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23736","reference_id":"RHSA-2025:23736","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23736"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23737","reference_id":"RHSA-2025:23737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23740","reference_id":"RHSA-2025:23740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23741","reference_id":"RHSA-2025:23741","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23746","reference_id":"RHSA-2025:23746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23747","reference_id":"RHSA-2025:23747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23948","reference_id":"RHSA-2025:23948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0226","reference_id":"RHSA-2026:0226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0227","reference_id":"RHSA-2026:0227","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0227"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0243","reference_id":"RHSA-2026:0243","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0243"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0244","reference_id":"RHSA-2026:0244","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0245","reference_id":"RHSA-2026:0245","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0245"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0246","reference_id":"RHSA-2026:0246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0314","reference_id":"RHSA-2026:0314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0424","reference_id":"RHSA-2026:0424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0426","reference_id":"RHSA-2026:0426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0477","reference_id":"RHSA-2026:0477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0527","reference_id":"RHSA-2026:0527","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0527"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0530","reference_id":"RHSA-2026:0530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0663","reference_id":"RHSA-2026:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0671","reference_id":"RHSA-2026:0671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0973","reference_id":"RHSA-2026:0973","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0973"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0987","reference_id":"RHSA-2026:0987","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1018","reference_id":"RHSA-2026:1018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1025","reference_id":"RHSA-2026:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1067","reference_id":"RHSA-2026:1067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10703","reference_id":"RHSA-2026:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1071","reference_id":"RHSA-2026:1071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1072","reference_id":"RHSA-2026:1072","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1072"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12279","reference_id":"RHSA-2026:12279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12279"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13542","reference_id":"RHSA-2026:13542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13548","reference_id":"RHSA-2026:13548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1377","reference_id":"RHSA-2026:1377","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1378","reference_id":"RHSA-2026:1378","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1379","reference_id":"RHSA-2026:1379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1380","reference_id":"RHSA-2026:1380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1381","reference_id":"RHSA-2026:1381","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1488","reference_id":"RHSA-2026:1488","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1517","reference_id":"RHSA-2026:1517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1517"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1520","reference_id":"RHSA-2026:1520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1520"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1552","reference_id":"RHSA-2026:1552","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1552"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1837","reference_id":"RHSA-2026:1837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1838","reference_id":"RHSA-2026:1838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1942","reference_id":"RHSA-2026:1942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2071","reference_id":"RHSA-2026:2071","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2071"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2082","reference_id":"RHSA-2026:2082","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2082"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2129","reference_id":"RHSA-2026:2129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2343","reference_id":"RHSA-2026:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2350","reference_id":"RHSA-2026:2350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2351","reference_id":"RHSA-2026:2351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2456","reference_id":"RHSA-2026:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2568","reference_id":"RHSA-2026:2568","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2568"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2571","reference_id":"RHSA-2026:2571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2711","reference_id":"RHSA-2026:2711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2737","reference_id":"RHSA-2026:2737","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2737"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2900","reference_id":"RHSA-2026:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3108","reference_id":"RHSA-2026:3108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3875","reference_id":"RHSA-2026:3875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3905","reference_id":"RHSA-2026:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4418","reference_id":"RHSA-2026:4418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4423","reference_id":"RHSA-2026:4423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4434","reference_id":"RHSA-2026:4434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4464","reference_id":"RHSA-2026:4464","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4482","reference_id":"RHSA-2026:4482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4510","reference_id":"RHSA-2026:4510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4510"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4532","reference_id":"RHSA-2026:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4533","reference_id":"RHSA-2026:4533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4693","reference_id":"RHSA-2026:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4936","reference_id":"RHSA-2026:4936","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5086","reference_id":"RHSA-2026:5086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5107","reference_id":"RHSA-2026:5107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5234","reference_id":"RHSA-2026:5234","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5234"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5394","reference_id":"RHSA-2026:5394","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5394"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5636","reference_id":"RHSA-2026:5636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5636"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5645","reference_id":"RHSA-2026:5645","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5645"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5866","reference_id":"RHSA-2026:5866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5876","reference_id":"RHSA-2026:5876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6191","reference_id":"RHSA-2026:6191","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6191"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6226","reference_id":"RHSA-2026:6226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6493","reference_id":"RHSA-2026:6493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6564","reference_id":"RHSA-2026:6564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7252","reference_id":"RHSA-2026:7252","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7252"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8218","reference_id":"RHSA-2026:8218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8229","reference_id":"RHSA-2026:8229","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8325","reference_id":"RHSA-2026:8325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8325"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-58183"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mvsr-c2yh-mbdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64346?format=json","vulnerability_id":"VCID-pcez-y67t-8yg3","summary":"net/url: Incorrect parsing of IPv6 host literals in net/url","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25679","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08768","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09743","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09793","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09754","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0964","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09612","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13678","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13684","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16065","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16041","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16074","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16013","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15853","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15964","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15973","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16017","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356","reference_id":"2445356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356"},{"reference_url":"https://go.dev/cl/752180","reference_id":"752180","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://go.dev/cl/752180"},{"reference_url":"https://go.dev/issue/77578","reference_id":"77578","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://go.dev/issue/77578"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4601","reference_id":"GO-2026-4601","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10125","reference_id":"RHSA-2026:10125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10133","reference_id":"RHSA-2026:10133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10140","reference_id":"RHSA-2026:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10141","reference_id":"RHSA-2026:10141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10169","reference_id":"RHSA-2026:10169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10175","reference_id":"RHSA-2026:10175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10701","reference_id":"RHSA-2026:10701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10712","reference_id":"RHSA-2026:10712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10929","reference_id":"RHSA-2026:10929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11217","reference_id":"RHSA-2026:11217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11375","reference_id":"RHSA-2026:11375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11412","reference_id":"RHSA-2026:11412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11413","reference_id":"RHSA-2026:11413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11686","reference_id":"RHSA-2026:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11747","reference_id":"RHSA-2026:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11768","reference_id":"RHSA-2026:11768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11800","reference_id":"RHSA-2026:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11856","reference_id":"RHSA-2026:11856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11916","reference_id":"RHSA-2026:11916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11996","reference_id":"RHSA-2026:11996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12029","reference_id":"RHSA-2026:12029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12031","reference_id":"RHSA-2026:12031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12032","reference_id":"RHSA-2026:12032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12033","reference_id":"RHSA-2026:12033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12282","reference_id":"RHSA-2026:12282","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13508","reference_id":"RHSA-2026:13508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13512","reference_id":"RHSA-2026:13512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13642","reference_id":"RHSA-2026:13642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13643","reference_id":"RHSA-2026:13643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13671","reference_id":"RHSA-2026:13671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14020","reference_id":"RHSA-2026:14020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14100","reference_id":"RHSA-2026:14100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14774","reference_id":"RHSA-2026:14774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14868","reference_id":"RHSA-2026:14868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14879","reference_id":"RHSA-2026:14879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15091","reference_id":"RHSA-2026:15091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16102","reference_id":"RHSA-2026:16102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16696","reference_id":"RHSA-2026:16696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16874","reference_id":"RHSA-2026:16874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17040","reference_id":"RHSA-2026:17040","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17287","reference_id":"RHSA-2026:17287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5941","reference_id":"RHSA-2026:5941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5942","reference_id":"RHSA-2026:5942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5943","reference_id":"RHSA-2026:5943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5944","reference_id":"RHSA-2026:5944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6341","reference_id":"RHSA-2026:6341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6344","reference_id":"RHSA-2026:6344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6382","reference_id":"RHSA-2026:6382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6383","reference_id":"RHSA-2026:6383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6388","reference_id":"RHSA-2026:6388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6564","reference_id":"RHSA-2026:6564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6720","reference_id":"RHSA-2026:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6802","reference_id":"RHSA-2026:6802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6949","reference_id":"RHSA-2026:6949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7005","reference_id":"RHSA-2026:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7009","reference_id":"RHSA-2026:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7011","reference_id":"RHSA-2026:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7259","reference_id":"RHSA-2026:7259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7315","reference_id":"RHSA-2026:7315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7328","reference_id":"RHSA-2026:7328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7665","reference_id":"RHSA-2026:7665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7669","reference_id":"RHSA-2026:7669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7674","reference_id":"RHSA-2026:7674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7833","reference_id":"RHSA-2026:7833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7834","reference_id":"RHSA-2026:7834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7834"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7876","reference_id":"RHSA-2026:7876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7877","reference_id":"RHSA-2026:7877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7878","reference_id":"RHSA-2026:7878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7879","reference_id":"RHSA-2026:7879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7883","reference_id":"RHSA-2026:7883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7992","reference_id":"RHSA-2026:7992","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8314","reference_id":"RHSA-2026:8314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8322","reference_id":"RHSA-2026:8322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8324","reference_id":"RHSA-2026:8324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8434","reference_id":"RHSA-2026:8434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8456","reference_id":"RHSA-2026:8456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8483","reference_id":"RHSA-2026:8483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8484","reference_id":"RHSA-2026:8484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8490","reference_id":"RHSA-2026:8490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8491","reference_id":"RHSA-2026:8491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8493","reference_id":"RHSA-2026:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8840","reference_id":"RHSA-2026:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8841","reference_id":"RHSA-2026:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8842","reference_id":"RHSA-2026:8842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8845","reference_id":"RHSA-2026:8845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8847","reference_id":"RHSA-2026:8847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8848","reference_id":"RHSA-2026:8848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8849","reference_id":"RHSA-2026:8849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8851","reference_id":"RHSA-2026:8851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8852","reference_id":"RHSA-2026:8852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8853","reference_id":"RHSA-2026:8853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8855","reference_id":"RHSA-2026:8855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8856","reference_id":"RHSA-2026:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8860","reference_id":"RHSA-2026:8860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8877","reference_id":"RHSA-2026:8877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8878","reference_id":"RHSA-2026:8878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8879","reference_id":"RHSA-2026:8879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8881","reference_id":"RHSA-2026:8881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8882","reference_id":"RHSA-2026:8882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8930","reference_id":"RHSA-2026:8930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8931","reference_id":"RHSA-2026:8931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8949","reference_id":"RHSA-2026:8949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9043","reference_id":"RHSA-2026:9043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9044","reference_id":"RHSA-2026:9044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9052","reference_id":"RHSA-2026:9052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9090","reference_id":"RHSA-2026:9090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9093","reference_id":"RHSA-2026:9093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9094","reference_id":"RHSA-2026:9094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9097","reference_id":"RHSA-2026:9097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9098","reference_id":"RHSA-2026:9098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9108","reference_id":"RHSA-2026:9108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9109","reference_id":"RHSA-2026:9109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9434","reference_id":"RHSA-2026:9434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9435","reference_id":"RHSA-2026:9435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9436","reference_id":"RHSA-2026:9436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9439","reference_id":"RHSA-2026:9439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9440","reference_id":"RHSA-2026:9440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9448","reference_id":"RHSA-2026:9448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9453","reference_id":"RHSA-2026:9453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9461","reference_id":"RHSA-2026:9461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9695","reference_id":"RHSA-2026:9695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9742","reference_id":"RHSA-2026:9742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9872","reference_id":"RHSA-2026:9872","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9872"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-25679"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pcez-y67t-8yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66653?format=json","vulnerability_id":"VCID-q9yj-ze4x-qyfr","summary":"crypto/x509: Quadratic complexity when checking name constraints in crypto/x509","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58187.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58187.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58187","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02071","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02064","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02066","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03032","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0492","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04602","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04611","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04786","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04823","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04838","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04835","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04881","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04923","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04926","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04663","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04675","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04669","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04651","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04634","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58187"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58187","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58187"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407259","reference_id":"2407259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407259"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709854","reference_id":"709854","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/"}],"url":"https://go.dev/cl/709854"},{"reference_url":"https://go.dev/issue/75681","reference_id":"75681","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/"}],"url":"https://go.dev/issue/75681"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4007","reference_id":"GO-2025-4007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:51:43Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-58187"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q9yj-ze4x-qyfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350580?format=json","vulnerability_id":"VCID-s176-xcrb-e3ea","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04628","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04728","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04684","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04653","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0442","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04594","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05411","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05412","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05419","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05415","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06628","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00623","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00622","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00618","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00629","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456342","reference_id":"2456342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456342"},{"reference_url":"https://go.dev/cl/763765","reference_id":"763765","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/cl/763765"},{"reference_url":"https://go.dev/issue/78333","reference_id":"78333","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/issue/78333"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4868","reference_id":"GO-2026-4868","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16477","reference_id":"RHSA-2026:16477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16505","reference_id":"RHSA-2026:16505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16508","reference_id":"RHSA-2026:16508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16537","reference_id":"RHSA-2026:16537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27143"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s176-xcrb-e3ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66648?format=json","vulnerability_id":"VCID-sb3w-x3yv-ffft","summary":"net/url: Insufficient validation of bracketed IPv6 hostnames in net/url","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47912.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47912","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04808","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0644","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05802","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06155","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06186","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06212","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06321","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06393","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06407","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06416","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06435","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05837","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05831","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06045","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06034","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06026","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06017","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05982","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05992","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47912"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407247","reference_id":"2407247","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407247"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709857","reference_id":"709857","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/"}],"url":"https://go.dev/cl/709857"},{"reference_url":"https://go.dev/issue/75678","reference_id":"75678","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/"}],"url":"https://go.dev/issue/75678"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4010","reference_id":"GO-2025-4010","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-30T20:37:56Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-47912"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sb3w-x3yv-ffft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350599?format=json","vulnerability_id":"VCID-svbs-h3y5-wfbn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32289","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01191","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0112","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.012","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01189","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01419","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01412","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01414","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01407","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01399","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.014","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01411","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02621","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32289"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456334","reference_id":"2456334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456334"},{"reference_url":"https://go.dev/cl/763762","reference_id":"763762","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://go.dev/cl/763762"},{"reference_url":"https://go.dev/issue/78331","reference_id":"78331","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://go.dev/issue/78331"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4865","reference_id":"GO-2026-4865","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-32289"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svbs-h3y5-wfbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350581?format=json","vulnerability_id":"VCID-t19m-gs1u-rbfp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00313","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00308","published_at":"2026-05-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00312","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00294","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00314","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00432","published_at":"2026-05-15T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00434","published_at":"2026-05-14T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00429","published_at":"2026-05-12T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00431","published_at":"2026-05-11T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0031","published_at":"2026-05-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00307","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00687","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00679","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00672","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00693","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456340","reference_id":"2456340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456340"},{"reference_url":"https://go.dev/cl/763764","reference_id":"763764","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/cl/763764"},{"reference_url":"https://go.dev/issue/78371","reference_id":"78371","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/issue/78371"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4867","reference_id":"GO-2026-4867","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16477","reference_id":"RHSA-2026:16477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16505","reference_id":"RHSA-2026:16505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16508","reference_id":"RHSA-2026:16508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16537","reference_id":"RHSA-2026:16537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27144"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t19m-gs1u-rbfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66650?format=json","vulnerability_id":"VCID-t2dr-6dz3-7qgt","summary":"encoding/asn1: Parsing DER payload can cause memory exhaustion in encoding/asn1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58185.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58185","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06126","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07141","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09136","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09011","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08961","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08941","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08857","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09015","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09082","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09046","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09072","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09141","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08966","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08996","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08959","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08947","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08836","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08811","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58185"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407251","reference_id":"2407251","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407251"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/709856","reference_id":"709856","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/"}],"url":"https://go.dev/cl/709856"},{"reference_url":"https://go.dev/issue/75671","reference_id":"75671","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/"}],"url":"https://go.dev/issue/75671"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4011","reference_id":"GO-2025-4011","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-10-30T14:25:15Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-58185"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2dr-6dz3-7qgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350594?format=json","vulnerability_id":"VCID-tf52-aa91-4kf3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32280","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03484","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0343","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03529","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04427","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04468","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04467","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04533","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04497","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04261","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04387","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05263","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0526","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05259","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05261","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05503","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339","reference_id":"2456339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11507","reference_id":"RHSA-2026:11507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11514","reference_id":"RHSA-2026:11514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13826","reference_id":"RHSA-2026:13826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14020","reference_id":"RHSA-2026:14020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14162","reference_id":"RHSA-2026:14162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14200","reference_id":"RHSA-2026:14200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15980","reference_id":"RHSA-2026:15980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16476","reference_id":"RHSA-2026:16476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16477","reference_id":"RHSA-2026:16477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16505","reference_id":"RHSA-2026:16505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16508","reference_id":"RHSA-2026:16508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16532","reference_id":"RHSA-2026:16532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16534","reference_id":"RHSA-2026:16534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16535","reference_id":"RHSA-2026:16535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16537","reference_id":"RHSA-2026:16537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16542","reference_id":"RHSA-2026:16542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16874","reference_id":"RHSA-2026:16874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17287","reference_id":"RHSA-2026:17287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-32280"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tf52-aa91-4kf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350596?format=json","vulnerability_id":"VCID-tmb1-tq9e-puhd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32282","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01052","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01073","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01072","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01057","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00766","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00811","published_at":"2026-05-07T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0081","published_at":"2026-04-21T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00778","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00803","published_at":"2026-05-09T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00807","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00812","published_at":"2026-05-05T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00927","published_at":"2026-05-15T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00919","published_at":"2026-05-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00924","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336","reference_id":"2456336","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336"},{"reference_url":"https://go.dev/cl/763761","reference_id":"763761","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://go.dev/cl/763761"},{"reference_url":"https://go.dev/issue/78293","reference_id":"78293","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://go.dev/issue/78293"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4864","reference_id":"GO-2026-4864","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11507","reference_id":"RHSA-2026:11507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11514","reference_id":"RHSA-2026:11514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11704","reference_id":"RHSA-2026:11704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11711","reference_id":"RHSA-2026:11711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11712","reference_id":"RHSA-2026:11712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11803","reference_id":"RHSA-2026:11803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11863","reference_id":"RHSA-2026:11863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13826","reference_id":"RHSA-2026:13826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13829","reference_id":"RHSA-2026:13829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14200","reference_id":"RHSA-2026:14200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15980","reference_id":"RHSA-2026:15980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16874","reference_id":"RHSA-2026:16874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17075","reference_id":"RHSA-2026:17075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-32282"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tmb1-tq9e-puhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66654?format=json","vulnerability_id":"VCID-usyf-s559-pkgx","summary":"crypto/tls: go crypto/tls ALPN negotiation error contains attacker controlled information","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58189.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-58189.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58189","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01703","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0171","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01718","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01693","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01681","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01682","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03481","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03529","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03568","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03584","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03447","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03452","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03498","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03462","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03518","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03523","published_at":"2026-05-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00893","published_at":"2026-04-07T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0089","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00888","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-58189"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58189","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-58189"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407260","reference_id":"2407260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407260"},{"reference_url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI","reference_id":"4Emdl2iQ_bI","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/"}],"url":"https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"},{"reference_url":"https://go.dev/cl/707776","reference_id":"707776","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/"}],"url":"https://go.dev/cl/707776"},{"reference_url":"https://go.dev/issue/75652","reference_id":"75652","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/"}],"url":"https://go.dev/issue/75652"},{"reference_url":"https://pkg.go.dev/vuln/GO-2025-4008","reference_id":"GO-2025-4008","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-03T19:50:48Z/"}],"url":"https://pkg.go.dev/vuln/GO-2025-4008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923848?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-58189"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-usyf-s559-pkgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350597?format=json","vulnerability_id":"VCID-vw1r-8zev-ykf4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32283.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32283","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03145","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04249","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04363","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04326","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.043","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04313","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0428","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04261","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05136","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05138","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05594","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00476","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00477","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00479","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00474","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456338","reference_id":"2456338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456338"},{"reference_url":"https://go.dev/cl/763767","reference_id":"763767","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://go.dev/cl/763767"},{"reference_url":"https://go.dev/issue/78334","reference_id":"78334","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://go.dev/issue/78334"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4870","reference_id":"GO-2026-4870","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11507","reference_id":"RHSA-2026:11507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11514","reference_id":"RHSA-2026:11514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11704","reference_id":"RHSA-2026:11704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11711","reference_id":"RHSA-2026:11711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11712","reference_id":"RHSA-2026:11712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11863","reference_id":"RHSA-2026:11863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11881","reference_id":"RHSA-2026:11881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14162","reference_id":"RHSA-2026:14162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14200","reference_id":"RHSA-2026:14200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14272","reference_id":"RHSA-2026:14272","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15980","reference_id":"RHSA-2026:15980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16101","reference_id":"RHSA-2026:16101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16102","reference_id":"RHSA-2026:16102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17075","reference_id":"RHSA-2026:17075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17287","reference_id":"RHSA-2026:17287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-32283"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vw1r-8zev-ykf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64833?format=json","vulnerability_id":"VCID-wchc-as62-1fae","summary":"cmd/go: cmd/go: Local code execution and arbitrary file write via malicious module version strings","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68119.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68119.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68119","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02913","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.02898","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04204","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04243","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04261","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04296","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04282","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04309","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04346","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04349","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04352","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04192","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04149","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0418","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04195","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04174","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04157","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04131","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04101","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04109","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04231","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68119"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126770","reference_id":"1126770","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126770"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434438","reference_id":"2434438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2434438"},{"reference_url":"https://go.dev/cl/736710","reference_id":"736710","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:55Z/"}],"url":"https://go.dev/cl/736710"},{"reference_url":"https://go.dev/issue/77099","reference_id":"77099","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:55Z/"}],"url":"https://go.dev/issue/77099"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4338","reference_id":"GO-2026-4338","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:55Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc","reference_id":"Vd2tYVM8eUc","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-29T04:55:55Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923849?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.6-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.6-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2025-68119"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wchc-as62-1fae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64347?format=json","vulnerability_id":"VCID-x5ub-bfb7-nbbr","summary":"crypto/x509: Incorrect enforcement of email constraints in crypto/x509","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27137","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02175","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02177","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02132","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02145","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0223","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03112","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03116","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03141","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03177","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03191","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03123","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03157","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03186","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03596","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03613","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27137"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445345","reference_id":"2445345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445345"},{"reference_url":"https://go.dev/cl/752182","reference_id":"752182","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://go.dev/cl/752182"},{"reference_url":"https://go.dev/issue/77952","reference_id":"77952","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://go.dev/issue/77952"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4599","reference_id":"GO-2026-4599","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10125","reference_id":"RHSA-2026:10125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10169","reference_id":"RHSA-2026:10169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10175","reference_id":"RHSA-2026:10175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10929","reference_id":"RHSA-2026:10929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11800","reference_id":"RHSA-2026:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14879","reference_id":"RHSA-2026:14879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8842","reference_id":"RHSA-2026:8842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9052","reference_id":"RHSA-2026:9052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9697","reference_id":"RHSA-2026:9697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9698","reference_id":"RHSA-2026:9698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9699","reference_id":"RHSA-2026:9699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9872","reference_id":"RHSA-2026:9872","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9872"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923851?format=json","purl":"pkg:deb/debian/golang-1.25@0?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@0%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/923846?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.8-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.8-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059618?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.9-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1642-htyj-kubr"},{"vulnerability":"VCID-6b34-5hez-8yf2"},{"vulnerability":"VCID-ant6-bm7n-c3hm"},{"vulnerability":"VCID-fhzp-yggw-s7au"},{"vulnerability":"VCID-hast-jk42-g3da"},{"vulnerability":"VCID-juan-6myp-7ydh"},{"vulnerability":"VCID-m44c-grtm-kkfk"},{"vulnerability":"VCID-r36g-6m47-g3f3"},{"vulnerability":"VCID-s3z8-q5kr-yfe7"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1105250?format=json","purl":"pkg:deb/debian/golang-1.25@1.25.10-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.10-1%3Fdistro=sid"}],"aliases":["CVE-2026-27137"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ub-bfb7-nbbr"}],"risk_score":"3.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.25@1.25.9-1%3Fdistro=sid"}