{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","type":"apk","namespace":"alpine","name":"rclone","version":"1.73.5-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.24","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.74.0-r0","latest_non_vulnerable_version":"1.74.1-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27420?format=json","vulnerability_id":"VCID-1g8k-b81y-duha","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25679","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14036","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-25679"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/752180","reference_id":"752180","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://go.dev/cl/752180"},{"reference_url":"https://go.dev/issue/77578","reference_id":"77578","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://go.dev/issue/77578"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4601","reference_id":"GO-2026-4601","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:36:26Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4601"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-25679"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1g8k-b81y-duha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28157?format=json","vulnerability_id":"VCID-32kz-1jqx-7uf6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00203","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://go.dev/cl/763766","reference_id":"763766","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/cl/763766"},{"reference_url":"https://go.dev/issue/78301","reference_id":"78301","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/issue/78301"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4869","reference_id":"GO-2026-4869","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4869"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-32288"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-32kz-1jqx-7uf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28214?format=json","vulnerability_id":"VCID-896n-m2w2-mubn","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33186","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05888","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33186"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132228","reference_id":"1132228","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132228"},{"reference_url":"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3","reference_id":"GHSA-p77j-4mvh-x3m3","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-24T18:08:38Z/"}],"url":"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-33186"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-896n-m2w2-mubn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/28272?format=json","vulnerability_id":"VCID-d8kd-wq8n-abce","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02343","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://go.dev/cl/763763","reference_id":"763763","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/cl/763763"},{"reference_url":"https://go.dev/issue/78332","reference_id":"78332","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/issue/78332"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4866","reference_id":"GO-2026-4866","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4866"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-33810"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8kd-wq8n-abce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77813?format=json","vulnerability_id":"VCID-ga48-1esk-kkce","summary":"A maliciously crafted TIFF file can cause image decoding to attempt to allocate up 4GiB of memory, causing either excessive resource consumption or an out-of-memory error.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33809","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02125","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33809"},{"reference_url":"https://go.dev/cl/757660","reference_id":"757660","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:05:32Z/"}],"url":"https://go.dev/cl/757660"},{"reference_url":"https://go.dev/issue/78267","reference_id":"78267","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:05:32Z/"}],"url":"https://go.dev/issue/78267"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4815","reference_id":"GO-2026-4815","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T20:05:32Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-33809"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ga48-1esk-kkce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27510?format=json","vulnerability_id":"VCID-pw5s-zddf-v7at","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06367","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://go.dev/cl/763765","reference_id":"763765","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/cl/763765"},{"reference_url":"https://go.dev/issue/78333","reference_id":"78333","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/issue/78333"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4868","reference_id":"GO-2026-4868","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4868"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-27143"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pw5s-zddf-v7at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25922?format=json","vulnerability_id":"VCID-py5v-egye-uydu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68121","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04531","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68121"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68121","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68121"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916","reference_id":"1125916","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125916"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917","reference_id":"1125917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1125917"},{"reference_url":"https://go.dev/cl/737700","reference_id":"737700","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"}],"url":"https://go.dev/cl/737700"},{"reference_url":"https://go.dev/issue/77217","reference_id":"77217","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"}],"url":"https://go.dev/issue/77217"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4337","reference_id":"GO-2026-4337","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4337"},{"reference_url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk","reference_id":"K09ubi9FQFk","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-29T03:55:46Z/"}],"url":"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2025-68121"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-py5v-egye-uydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27511?format=json","vulnerability_id":"VCID-qdsk-zczp-nqfz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00321","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://go.dev/cl/763764","reference_id":"763764","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/cl/763764"},{"reference_url":"https://go.dev/issue/78371","reference_id":"78371","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/issue/78371"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4867","reference_id":"GO-2026-4867","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4867"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-27144"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qdsk-zczp-nqfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27509?format=json","vulnerability_id":"VCID-tb5w-qkrp-37b7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27142","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02037","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27142"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/752081","reference_id":"752081","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://go.dev/cl/752081"},{"reference_url":"https://go.dev/issue/77954","reference_id":"77954","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://go.dev/issue/77954"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4603","reference_id":"GO-2026-4603","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-16T15:21:11Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4603"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-27142"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tb5w-qkrp-37b7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27507?format=json","vulnerability_id":"VCID-tucf-176a-ekek","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03534","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://go.dev/cl/763768","reference_id":"763768","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/cl/763768"},{"reference_url":"https://go.dev/issue/78335","reference_id":"78335","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/issue/78335"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4871","reference_id":"GO-2026-4871","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4871"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-27140"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tucf-176a-ekek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/27505?format=json","vulnerability_id":"VCID-xn3t-g4xt-4kek","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27138","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08857","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27138"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/752183","reference_id":"752183","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://go.dev/cl/752183"},{"reference_url":"https://go.dev/issue/77953","reference_id":"77953","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://go.dev/issue/77953"},{"reference_url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","reference_id":"EdhZqrQ98hk","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4600","reference_id":"GO-2026-4600","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T13:34:15Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4600"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/142232?format=json","purl":"pkg:apk/alpine/rclone@1.73.5-r0?arch=x86_64&distroversion=v3.24&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}],"aliases":["CVE-2026-27138"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xn3t-g4xt-4kek"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/rclone@1.73.5-r0%3Farch=x86_64&distroversion=v3.24&reponame=community"}