{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","type":"deb","namespace":"debian","name":"golang-1.26","version":"1.26.2-3","qualifiers":{"distro":"sid"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350595?format=json","vulnerability_id":"VCID-245f-jhkn-w3ck","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32281","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04457","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04696","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0467","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04636","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04595","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04693","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05503","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00451","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00447","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333","reference_id":"2456333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333"},{"reference_url":"https://go.dev/cl/758061","reference_id":"758061","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://go.dev/cl/758061"},{"reference_url":"https://go.dev/issue/78281","reference_id":"78281","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://go.dev/issue/78281"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4946","reference_id":"GO-2026-4946","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4946"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-32281"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-245f-jhkn-w3ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64344?format=json","vulnerability_id":"VCID-6a6z-bq7m-c3gf","summary":"crypto/x509: Panic in name constraint checking for malformed certificates in crypto/x509","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27138","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05215","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05749","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05792","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05784","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05778","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05741","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05894","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09952","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09915","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09868","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0979","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445344","reference_id":"2445344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445344"},{"reference_url":"https://go.dev/cl/752183","reference_id":"752183","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://go.dev/cl/752183"},{"reference_url":"https://go.dev/issue/77953","reference_id":"77953","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://go.dev/issue/77953"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4600","reference_id":"GO-2026-4600","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923852?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-gtys-5r5h-p7ht"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27138"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6a6z-bq7m-c3gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64345?format=json","vulnerability_id":"VCID-8s5d-1byz-8fhz","summary":"html/template: URLs in meta content attribute actions are not escaped in html/template","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27142","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01258","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01426","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01263","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01424","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01436","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01542","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01562","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01551","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01545","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0153","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01552","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01555","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03399","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445351","reference_id":"2445351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445351"},{"reference_url":"https://go.dev/cl/752081","reference_id":"752081","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://go.dev/cl/752081"},{"reference_url":"https://go.dev/issue/77954","reference_id":"77954","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://go.dev/issue/77954"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4603","reference_id":"GO-2026-4603","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5192","reference_id":"RHSA-2026:5192","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5192"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923852?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-gtys-5r5h-p7ht"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27142"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s5d-1byz-8fhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350598?format=json","vulnerability_id":"VCID-91yp-p6st-8ucd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00172","published_at":"2026-05-05T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00171","published_at":"2026-04-18T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00173","published_at":"2026-04-21T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00175","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.0029","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00618","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00622","published_at":"2026-04-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00813","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00816","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456332","reference_id":"2456332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456332"},{"reference_url":"https://go.dev/cl/763766","reference_id":"763766","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/cl/763766"},{"reference_url":"https://go.dev/issue/78301","reference_id":"78301","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/issue/78301"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4869","reference_id":"GO-2026-4869","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4869"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-32288"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91yp-p6st-8ucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64343?format=json","vulnerability_id":"VCID-czyb-wuf2-x7he","summary":"os: FileInfo can escape from a Root in golang os module","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27139.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27139","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00209","published_at":"2026-04-02T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0021","published_at":"2026-04-04T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00268","published_at":"2026-04-07T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00266","published_at":"2026-04-08T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00265","published_at":"2026-04-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00261","published_at":"2026-04-12T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.0026","published_at":"2026-04-18T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00259","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00642","published_at":"2026-04-24T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00645","published_at":"2026-05-05T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00646","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00716","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27139"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445335","reference_id":"2445335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445335"},{"reference_url":"https://go.dev/cl/749480","reference_id":"749480","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://go.dev/cl/749480"},{"reference_url":"https://go.dev/issue/77827","reference_id":"77827","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://go.dev/issue/77827"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4602","reference_id":"GO-2026-4602","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-09T14:53:55Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4602"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923852?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-gtys-5r5h-p7ht"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27139"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-czyb-wuf2-x7he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350604?format=json","vulnerability_id":"VCID-gtys-5r5h-p7ht","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01216","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.014","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01409","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01404","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01389","published_at":"2026-04-21T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00274","published_at":"2026-04-09T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00212","published_at":"2026-04-11T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00211","published_at":"2026-04-13T12:55:00Z"},{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00276","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00967","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335","reference_id":"2456335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335"},{"reference_url":"https://go.dev/cl/763763","reference_id":"763763","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/cl/763763"},{"reference_url":"https://go.dev/issue/78332","reference_id":"78332","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/issue/78332"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4866","reference_id":"GO-2026-4866","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10155","reference_id":"RHSA-2026:10155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11330","reference_id":"RHSA-2026:11330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-33810"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gtys-5r5h-p7ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350579?format=json","vulnerability_id":"VCID-ju53-xpej-3qca","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02635","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02748","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02776","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02722","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02735","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02746","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05345","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00649","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00644","published_at":"2026-04-12T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00655","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00646","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341","reference_id":"2456341","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341"},{"reference_url":"https://go.dev/cl/763768","reference_id":"763768","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/cl/763768"},{"reference_url":"https://go.dev/issue/78335","reference_id":"78335","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/issue/78335"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4871","reference_id":"GO-2026-4871","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4871"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27140"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ju53-xpej-3qca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64346?format=json","vulnerability_id":"VCID-pcez-y67t-8yg3","summary":"net/url: Incorrect parsing of IPv6 host literals in net/url","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25679.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25679","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08768","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09743","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09793","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09802","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09754","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.0964","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09612","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15881","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15973","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15853","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16017","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16013","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356","reference_id":"2445356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445356"},{"reference_url":"https://go.dev/cl/752180","reference_id":"752180","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://go.dev/cl/752180"},{"reference_url":"https://go.dev/issue/77578","reference_id":"77578","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://go.dev/issue/77578"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4601","reference_id":"GO-2026-4601","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10065","reference_id":"RHSA-2026:10065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10065"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10125","reference_id":"RHSA-2026:10125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10133","reference_id":"RHSA-2026:10133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10140","reference_id":"RHSA-2026:10140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10140"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10141","reference_id":"RHSA-2026:10141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10169","reference_id":"RHSA-2026:10169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10175","reference_id":"RHSA-2026:10175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10701","reference_id":"RHSA-2026:10701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10712","reference_id":"RHSA-2026:10712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10929","reference_id":"RHSA-2026:10929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11375","reference_id":"RHSA-2026:11375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11412","reference_id":"RHSA-2026:11412","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11412"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11413","reference_id":"RHSA-2026:11413","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11413"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11686","reference_id":"RHSA-2026:11686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11686"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11747","reference_id":"RHSA-2026:11747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11749","reference_id":"RHSA-2026:11749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11768","reference_id":"RHSA-2026:11768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11800","reference_id":"RHSA-2026:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11856","reference_id":"RHSA-2026:11856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11916","reference_id":"RHSA-2026:11916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11996","reference_id":"RHSA-2026:11996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12028","reference_id":"RHSA-2026:12028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12029","reference_id":"RHSA-2026:12029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12030","reference_id":"RHSA-2026:12030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12031","reference_id":"RHSA-2026:12031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12032","reference_id":"RHSA-2026:12032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12033","reference_id":"RHSA-2026:12033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13508","reference_id":"RHSA-2026:13508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13512","reference_id":"RHSA-2026:13512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13642","reference_id":"RHSA-2026:13642","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13642"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13643","reference_id":"RHSA-2026:13643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13643"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13671","reference_id":"RHSA-2026:13671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5941","reference_id":"RHSA-2026:5941","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5941"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5942","reference_id":"RHSA-2026:5942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5943","reference_id":"RHSA-2026:5943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5944","reference_id":"RHSA-2026:5944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6341","reference_id":"RHSA-2026:6341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6344","reference_id":"RHSA-2026:6344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6382","reference_id":"RHSA-2026:6382","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6382"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6383","reference_id":"RHSA-2026:6383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6388","reference_id":"RHSA-2026:6388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6564","reference_id":"RHSA-2026:6564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6720","reference_id":"RHSA-2026:6720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6802","reference_id":"RHSA-2026:6802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6949","reference_id":"RHSA-2026:6949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7005","reference_id":"RHSA-2026:7005","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7005"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7009","reference_id":"RHSA-2026:7009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7011","reference_id":"RHSA-2026:7011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7259","reference_id":"RHSA-2026:7259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7315","reference_id":"RHSA-2026:7315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7328","reference_id":"RHSA-2026:7328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7665","reference_id":"RHSA-2026:7665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7669","reference_id":"RHSA-2026:7669","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7669"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7674","reference_id":"RHSA-2026:7674","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7674"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7833","reference_id":"RHSA-2026:7833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7834","reference_id":"RHSA-2026:7834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7834"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7876","reference_id":"RHSA-2026:7876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7877","reference_id":"RHSA-2026:7877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7878","reference_id":"RHSA-2026:7878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7879","reference_id":"RHSA-2026:7879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7883","reference_id":"RHSA-2026:7883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7883"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7992","reference_id":"RHSA-2026:7992","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7992"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8314","reference_id":"RHSA-2026:8314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8322","reference_id":"RHSA-2026:8322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8322"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8324","reference_id":"RHSA-2026:8324","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8324"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8434","reference_id":"RHSA-2026:8434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8456","reference_id":"RHSA-2026:8456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8483","reference_id":"RHSA-2026:8483","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8483"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8484","reference_id":"RHSA-2026:8484","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8490","reference_id":"RHSA-2026:8490","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8491","reference_id":"RHSA-2026:8491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8493","reference_id":"RHSA-2026:8493","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8840","reference_id":"RHSA-2026:8840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8841","reference_id":"RHSA-2026:8841","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8841"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8842","reference_id":"RHSA-2026:8842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8845","reference_id":"RHSA-2026:8845","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8845"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8847","reference_id":"RHSA-2026:8847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8848","reference_id":"RHSA-2026:8848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8849","reference_id":"RHSA-2026:8849","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8849"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8851","reference_id":"RHSA-2026:8851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8852","reference_id":"RHSA-2026:8852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8853","reference_id":"RHSA-2026:8853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8855","reference_id":"RHSA-2026:8855","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8856","reference_id":"RHSA-2026:8856","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8856"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8860","reference_id":"RHSA-2026:8860","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8877","reference_id":"RHSA-2026:8877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8877"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8878","reference_id":"RHSA-2026:8878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8879","reference_id":"RHSA-2026:8879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8881","reference_id":"RHSA-2026:8881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8882","reference_id":"RHSA-2026:8882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8882"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8930","reference_id":"RHSA-2026:8930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8931","reference_id":"RHSA-2026:8931","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8949","reference_id":"RHSA-2026:8949","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8949"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9043","reference_id":"RHSA-2026:9043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9043"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9044","reference_id":"RHSA-2026:9044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9052","reference_id":"RHSA-2026:9052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9090","reference_id":"RHSA-2026:9090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9093","reference_id":"RHSA-2026:9093","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9094","reference_id":"RHSA-2026:9094","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9097","reference_id":"RHSA-2026:9097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9098","reference_id":"RHSA-2026:9098","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9098"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9108","reference_id":"RHSA-2026:9108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9109","reference_id":"RHSA-2026:9109","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9434","reference_id":"RHSA-2026:9434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9435","reference_id":"RHSA-2026:9435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9436","reference_id":"RHSA-2026:9436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9439","reference_id":"RHSA-2026:9439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9440","reference_id":"RHSA-2026:9440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9448","reference_id":"RHSA-2026:9448","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9448"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9453","reference_id":"RHSA-2026:9453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9461","reference_id":"RHSA-2026:9461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9695","reference_id":"RHSA-2026:9695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9742","reference_id":"RHSA-2026:9742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9872","reference_id":"RHSA-2026:9872","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9872"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923852?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-gtys-5r5h-p7ht"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-25679"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pcez-y67t-8yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350580?format=json","vulnerability_id":"VCID-s176-xcrb-e3ea","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0442","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04594","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04628","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04653","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06628","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0062","published_at":"2026-04-13T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00618","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00622","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00623","published_at":"2026-04-09T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00629","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456342","reference_id":"2456342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456342"},{"reference_url":"https://go.dev/cl/763765","reference_id":"763765","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/cl/763765"},{"reference_url":"https://go.dev/issue/78333","reference_id":"78333","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/issue/78333"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4868","reference_id":"GO-2026-4868","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27143"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s176-xcrb-e3ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350599?format=json","vulnerability_id":"VCID-svbs-h3y5-wfbn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32289","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0112","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01194","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.012","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01193","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01189","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.014","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01412","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01414","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01407","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01399","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02621","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32289"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456334","reference_id":"2456334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456334"},{"reference_url":"https://go.dev/cl/763762","reference_id":"763762","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://go.dev/cl/763762"},{"reference_url":"https://go.dev/issue/78331","reference_id":"78331","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://go.dev/issue/78331"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4865","reference_id":"GO-2026-4865","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4865"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-32289"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svbs-h3y5-wfbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350581?format=json","vulnerability_id":"VCID-t19m-gs1u-rbfp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00294","published_at":"2026-04-18T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00308","published_at":"2026-04-29T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00312","published_at":"2026-04-26T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00314","published_at":"2026-04-24T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00313","published_at":"2026-04-21T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00307","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00687","published_at":"2026-04-08T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00679","published_at":"2026-04-11T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00672","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00693","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456340","reference_id":"2456340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456340"},{"reference_url":"https://go.dev/cl/763764","reference_id":"763764","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/cl/763764"},{"reference_url":"https://go.dev/issue/78371","reference_id":"78371","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/issue/78371"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4867","reference_id":"GO-2026-4867","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27144"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t19m-gs1u-rbfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350594?format=json","vulnerability_id":"VCID-tf52-aa91-4kf3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32280","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0343","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03529","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03484","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04468","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04427","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04467","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04261","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04387","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05503","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.0045","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339","reference_id":"2456339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13826","reference_id":"RHSA-2026:13826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-32280"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tf52-aa91-4kf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350596?format=json","vulnerability_id":"VCID-tmb1-tq9e-puhd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32282","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01073","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01072","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01057","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01052","published_at":"2026-04-13T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00778","published_at":"2026-04-16T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00766","published_at":"2026-04-18T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00807","published_at":"2026-04-29T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00812","published_at":"2026-05-05T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.00811","published_at":"2026-04-24T12:55:00Z"},{"value":"8e-05","scoring_system":"epss","scoring_elements":"0.0081","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336","reference_id":"2456336","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336"},{"reference_url":"https://go.dev/cl/763761","reference_id":"763761","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://go.dev/cl/763761"},{"reference_url":"https://go.dev/issue/78293","reference_id":"78293","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://go.dev/issue/78293"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4864","reference_id":"GO-2026-4864","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11803","reference_id":"RHSA-2026:11803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13826","reference_id":"RHSA-2026:13826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-32282"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tmb1-tq9e-puhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/350597?format=json","vulnerability_id":"VCID-vw1r-8zev-ykf4","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32283","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03145","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.043","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04313","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.0428","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04261","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04249","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05594","published_at":"2026-04-16T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00479","published_at":"2026-04-08T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00477","published_at":"2026-04-11T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00474","published_at":"2026-04-12T12:55:00Z"},{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00476","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://go.dev/cl/763767","reference_id":"763767","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://go.dev/cl/763767"},{"reference_url":"https://go.dev/issue/78334","reference_id":"78334","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://go.dev/issue/78334"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4870","reference_id":"GO-2026-4870","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4870"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-32283"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vw1r-8zev-ykf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64347?format=json","vulnerability_id":"VCID-x5ub-bfb7-nbbr","summary":"crypto/x509: Incorrect enforcement of email constraints in crypto/x509","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27137","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.017","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02175","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02177","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02157","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02132","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02145","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0223","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03157","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03112","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03116","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03123","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27137"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445345","reference_id":"2445345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2445345"},{"reference_url":"https://go.dev/cl/752182","reference_id":"752182","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://go.dev/cl/752182"},{"reference_url":"https://go.dev/issue/77952","reference_id":"77952","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://go.dev/issue/77952"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4599","reference_id":"GO-2026-4599","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:32:09Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10125","reference_id":"RHSA-2026:10125","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10125"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10169","reference_id":"RHSA-2026:10169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10175","reference_id":"RHSA-2026:10175","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10184","reference_id":"RHSA-2026:10184","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10184"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10225","reference_id":"RHSA-2026:10225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10250","reference_id":"RHSA-2026:10250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10929","reference_id":"RHSA-2026:10929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11800","reference_id":"RHSA-2026:11800","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11800"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5110","reference_id":"RHSA-2026:5110","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5549","reference_id":"RHSA-2026:5549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8151","reference_id":"RHSA-2026:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8151"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8167","reference_id":"RHSA-2026:8167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8337","reference_id":"RHSA-2026:8337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8338","reference_id":"RHSA-2026:8338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8842","reference_id":"RHSA-2026:8842","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9052","reference_id":"RHSA-2026:9052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9697","reference_id":"RHSA-2026:9697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9698","reference_id":"RHSA-2026:9698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9699","reference_id":"RHSA-2026:9699","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9872","reference_id":"RHSA-2026:9872","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9872"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/923852?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.1-1?distro=sid","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-245f-jhkn-w3ck"},{"vulnerability":"VCID-91yp-p6st-8ucd"},{"vulnerability":"VCID-gtys-5r5h-p7ht"},{"vulnerability":"VCID-ju53-xpej-3qca"},{"vulnerability":"VCID-s176-xcrb-e3ea"},{"vulnerability":"VCID-svbs-h3y5-wfbn"},{"vulnerability":"VCID-t19m-gs1u-rbfp"},{"vulnerability":"VCID-tf52-aa91-4kf3"},{"vulnerability":"VCID-tmb1-tq9e-puhd"},{"vulnerability":"VCID-vw1r-8zev-ykf4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.1-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1059619?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1077439?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/1081519?format=json","purl":"pkg:deb/debian/golang-1.26@1.26.2-3?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}],"aliases":["CVE-2026-27137"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5ub-bfb7-nbbr"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-1.26@1.26.2-3%3Fdistro=sid"}