{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","type":"apk","namespace":"alpine","name":"go","version":"1.25.9-r0","qualifiers":{"arch":"s390x","distroversion":"v3.23","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.25.10-r0","latest_non_vulnerable_version":"1.25.10-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63001?format=json","vulnerability_id":"VCID-118e-83sc-m7d9","summary":"crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32280.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32280","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06216","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06205","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06177","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06201","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06155","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32280"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32280"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339","reference_id":"2456339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456339"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11507","reference_id":"RHSA-2026:11507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11514","reference_id":"RHSA-2026:11514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13826","reference_id":"RHSA-2026:13826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14020","reference_id":"RHSA-2026:14020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14162","reference_id":"RHSA-2026:14162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14200","reference_id":"RHSA-2026:14200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15980","reference_id":"RHSA-2026:15980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16101","reference_id":"RHSA-2026:16101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16476","reference_id":"RHSA-2026:16476","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16476"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16477","reference_id":"RHSA-2026:16477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16505","reference_id":"RHSA-2026:16505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16508","reference_id":"RHSA-2026:16508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16532","reference_id":"RHSA-2026:16532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16534","reference_id":"RHSA-2026:16534","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16534"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16535","reference_id":"RHSA-2026:16535","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16537","reference_id":"RHSA-2026:16537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16542","reference_id":"RHSA-2026:16542","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16542"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16874","reference_id":"RHSA-2026:16874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17287","reference_id":"RHSA-2026:17287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18027","reference_id":"RHSA-2026:18027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18032","reference_id":"RHSA-2026:18032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19133","reference_id":"RHSA-2026:19133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19135","reference_id":"RHSA-2026:19135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19144","reference_id":"RHSA-2026:19144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19350","reference_id":"RHSA-2026:19350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19353","reference_id":"RHSA-2026:19353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19375","reference_id":"RHSA-2026:19375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19450","reference_id":"RHSA-2026:19450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19550","reference_id":"RHSA-2026:19550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19634","reference_id":"RHSA-2026:19634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19714","reference_id":"RHSA-2026:19714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19715","reference_id":"RHSA-2026:19715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19719","reference_id":"RHSA-2026:19719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19720","reference_id":"RHSA-2026:19720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19721","reference_id":"RHSA-2026:19721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19722","reference_id":"RHSA-2026:19722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19750","reference_id":"RHSA-2026:19750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19839","reference_id":"RHSA-2026:19839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20556","reference_id":"RHSA-2026:20556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20569","reference_id":"RHSA-2026:20569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20570","reference_id":"RHSA-2026:20570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20571","reference_id":"RHSA-2026:20571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20607","reference_id":"RHSA-2026:20607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20608","reference_id":"RHSA-2026:20608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20609","reference_id":"RHSA-2026:20609","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20609"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21017","reference_id":"RHSA-2026:21017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21338","reference_id":"RHSA-2026:21338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21655","reference_id":"RHSA-2026:21655","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21655"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21769","reference_id":"RHSA-2026:21769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21772","reference_id":"RHSA-2026:21772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22130","reference_id":"RHSA-2026:22130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22141","reference_id":"RHSA-2026:22141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22258","reference_id":"RHSA-2026:22258","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22260","reference_id":"RHSA-2026:22260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22268","reference_id":"RHSA-2026:22268","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22268"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22309","reference_id":"RHSA-2026:22309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22347","reference_id":"RHSA-2026:22347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22415","reference_id":"RHSA-2026:22415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22422","reference_id":"RHSA-2026:22422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22465","reference_id":"RHSA-2026:22465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22485","reference_id":"RHSA-2026:22485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22709","reference_id":"RHSA-2026:22709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22713","reference_id":"RHSA-2026:22713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22840","reference_id":"RHSA-2026:22840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22862","reference_id":"RHSA-2026:22862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22958","reference_id":"RHSA-2026:22958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22959","reference_id":"RHSA-2026:22959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22960","reference_id":"RHSA-2026:22960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22961","reference_id":"RHSA-2026:22961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22962","reference_id":"RHSA-2026:22962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23102","reference_id":"RHSA-2026:23102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23103","reference_id":"RHSA-2026:23103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23345","reference_id":"RHSA-2026:23345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23361","reference_id":"RHSA-2026:23361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24337","reference_id":"RHSA-2026:24337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24359","reference_id":"RHSA-2026:24359","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24470","reference_id":"RHSA-2026:24470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24478","reference_id":"RHSA-2026:24478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24716","reference_id":"RHSA-2026:24716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-32280"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-118e-83sc-m7d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63223?format=json","vulnerability_id":"VCID-28xd-259h-vkak","summary":"golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32282","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01272","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01274","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01277","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0128","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01271","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336","reference_id":"2456336","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456336"},{"reference_url":"https://go.dev/cl/763761","reference_id":"763761","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://go.dev/cl/763761"},{"reference_url":"https://go.dev/issue/78293","reference_id":"78293","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://go.dev/issue/78293"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4864","reference_id":"GO-2026-4864","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:47:42Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4864"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11408","reference_id":"RHSA-2026:11408","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11408"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11507","reference_id":"RHSA-2026:11507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11514","reference_id":"RHSA-2026:11514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11704","reference_id":"RHSA-2026:11704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11711","reference_id":"RHSA-2026:11711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11712","reference_id":"RHSA-2026:11712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11803","reference_id":"RHSA-2026:11803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11863","reference_id":"RHSA-2026:11863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13826","reference_id":"RHSA-2026:13826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13829","reference_id":"RHSA-2026:13829","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13829"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14200","reference_id":"RHSA-2026:14200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15980","reference_id":"RHSA-2026:15980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16101","reference_id":"RHSA-2026:16101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16874","reference_id":"RHSA-2026:16874","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17075","reference_id":"RHSA-2026:17075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18027","reference_id":"RHSA-2026:18027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18032","reference_id":"RHSA-2026:18032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19132","reference_id":"RHSA-2026:19132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19133","reference_id":"RHSA-2026:19133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19134","reference_id":"RHSA-2026:19134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19135","reference_id":"RHSA-2026:19135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19136","reference_id":"RHSA-2026:19136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19144","reference_id":"RHSA-2026:19144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19156","reference_id":"RHSA-2026:19156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19350","reference_id":"RHSA-2026:19350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19351","reference_id":"RHSA-2026:19351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19352","reference_id":"RHSA-2026:19352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19353","reference_id":"RHSA-2026:19353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19369","reference_id":"RHSA-2026:19369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19375","reference_id":"RHSA-2026:19375","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19450","reference_id":"RHSA-2026:19450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19550","reference_id":"RHSA-2026:19550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19714","reference_id":"RHSA-2026:19714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19715","reference_id":"RHSA-2026:19715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19719","reference_id":"RHSA-2026:19719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19720","reference_id":"RHSA-2026:19720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19721","reference_id":"RHSA-2026:19721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19722","reference_id":"RHSA-2026:19722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19750","reference_id":"RHSA-2026:19750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19839","reference_id":"RHSA-2026:19839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20556","reference_id":"RHSA-2026:20556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20947","reference_id":"RHSA-2026:20947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21017","reference_id":"RHSA-2026:21017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21338","reference_id":"RHSA-2026:21338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21769","reference_id":"RHSA-2026:21769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21772","reference_id":"RHSA-2026:21772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22141","reference_id":"RHSA-2026:22141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22299","reference_id":"RHSA-2026:22299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22326","reference_id":"RHSA-2026:22326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22347","reference_id":"RHSA-2026:22347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22423","reference_id":"RHSA-2026:22423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22450","reference_id":"RHSA-2026:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22465","reference_id":"RHSA-2026:22465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22485","reference_id":"RHSA-2026:22485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22629","reference_id":"RHSA-2026:22629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22709","reference_id":"RHSA-2026:22709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22713","reference_id":"RHSA-2026:22713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22714","reference_id":"RHSA-2026:22714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22840","reference_id":"RHSA-2026:22840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22862","reference_id":"RHSA-2026:22862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22937","reference_id":"RHSA-2026:22937","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22937"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23228","reference_id":"RHSA-2026:23228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23345","reference_id":"RHSA-2026:23345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23361","reference_id":"RHSA-2026:23361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24337","reference_id":"RHSA-2026:24337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24482","reference_id":"RHSA-2026:24482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24503","reference_id":"RHSA-2026:24503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24716","reference_id":"RHSA-2026:24716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-32282"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-28xd-259h-vkak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63211?format=json","vulnerability_id":"VCID-4hh4-mwg9-dqdp","summary":"crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02323","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02435","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0243","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02379","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02365","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335","reference_id":"2456335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456335"},{"reference_url":"https://go.dev/cl/763763","reference_id":"763763","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/cl/763763"},{"reference_url":"https://go.dev/issue/78332","reference_id":"78332","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://go.dev/issue/78332"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4866","reference_id":"GO-2026-4866","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:57Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10155","reference_id":"RHSA-2026:10155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10158","reference_id":"RHSA-2026:10158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10158"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11330","reference_id":"RHSA-2026:11330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11331","reference_id":"RHSA-2026:11331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13545","reference_id":"RHSA-2026:13545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13791","reference_id":"RHSA-2026:13791","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19135","reference_id":"RHSA-2026:19135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19144","reference_id":"RHSA-2026:19144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19353","reference_id":"RHSA-2026:19353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19719","reference_id":"RHSA-2026:19719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19720","reference_id":"RHSA-2026:19720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19721","reference_id":"RHSA-2026:19721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21769","reference_id":"RHSA-2026:21769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21772","reference_id":"RHSA-2026:21772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22347","reference_id":"RHSA-2026:22347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22485","reference_id":"RHSA-2026:22485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22862","reference_id":"RHSA-2026:22862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22958","reference_id":"RHSA-2026:22958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22959","reference_id":"RHSA-2026:22959","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22959"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22960","reference_id":"RHSA-2026:22960","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22961","reference_id":"RHSA-2026:22961","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22962","reference_id":"RHSA-2026:22962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22962"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23345","reference_id":"RHSA-2026:23345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24478","reference_id":"RHSA-2026:24478","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24478"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:9385","reference_id":"RHSA-2026:9385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:9385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-33810"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hh4-mwg9-dqdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63105?format=json","vulnerability_id":"VCID-asgx-7em7-67cc","summary":"archive/tar: golang: Go's archive/tar package: Denial of Service via maliciously-crafted archive","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32288.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288","reference_id":"","reference_type":"","scores":[{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00205","published_at":"2026-06-09T12:55:00Z"},{"value":"4e-05","scoring_system":"epss","scoring_elements":"0.00207","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32288"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456332","reference_id":"2456332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456332"},{"reference_url":"https://go.dev/cl/763766","reference_id":"763766","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/cl/763766"},{"reference_url":"https://go.dev/issue/78301","reference_id":"78301","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://go.dev/issue/78301"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4869","reference_id":"GO-2026-4869","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:05Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-32288"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-asgx-7em7-67cc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62983?format=json","vulnerability_id":"VCID-ghyf-2s7v-xkf4","summary":"crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32281","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.0636","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06417","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06407","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06399","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06353","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32281"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333","reference_id":"2456333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456333"},{"reference_url":"https://go.dev/cl/758061","reference_id":"758061","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://go.dev/cl/758061"},{"reference_url":"https://go.dev/issue/78281","reference_id":"78281","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://go.dev/issue/78281"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4946","reference_id":"GO-2026-4946","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:52:37Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16101","reference_id":"RHSA-2026:16101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18027","reference_id":"RHSA-2026:18027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18032","reference_id":"RHSA-2026:18032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19135","reference_id":"RHSA-2026:19135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19353","reference_id":"RHSA-2026:19353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19450","reference_id":"RHSA-2026:19450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19719","reference_id":"RHSA-2026:19719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19720","reference_id":"RHSA-2026:19720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19721","reference_id":"RHSA-2026:19721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19839","reference_id":"RHSA-2026:19839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20454","reference_id":"RHSA-2026:20454","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20454"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20455","reference_id":"RHSA-2026:20455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20456","reference_id":"RHSA-2026:20456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20457","reference_id":"RHSA-2026:20457","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20457"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20460","reference_id":"RHSA-2026:20460","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20556","reference_id":"RHSA-2026:20556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20569","reference_id":"RHSA-2026:20569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20570","reference_id":"RHSA-2026:20570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20571","reference_id":"RHSA-2026:20571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20938","reference_id":"RHSA-2026:20938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20943","reference_id":"RHSA-2026:20943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20946","reference_id":"RHSA-2026:20946","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20946"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20947","reference_id":"RHSA-2026:20947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21017","reference_id":"RHSA-2026:21017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21338","reference_id":"RHSA-2026:21338","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21338"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21769","reference_id":"RHSA-2026:21769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22141","reference_id":"RHSA-2026:22141","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22141"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22299","reference_id":"RHSA-2026:22299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22309","reference_id":"RHSA-2026:22309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22347","reference_id":"RHSA-2026:22347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22465","reference_id":"RHSA-2026:22465","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22485","reference_id":"RHSA-2026:22485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22629","reference_id":"RHSA-2026:22629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22713","reference_id":"RHSA-2026:22713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22840","reference_id":"RHSA-2026:22840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22862","reference_id":"RHSA-2026:22862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23102","reference_id":"RHSA-2026:23102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23103","reference_id":"RHSA-2026:23103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23345","reference_id":"RHSA-2026:23345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23361","reference_id":"RHSA-2026:23361","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24337","reference_id":"RHSA-2026:24337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24470","reference_id":"RHSA-2026:24470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24473","reference_id":"RHSA-2026:24473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24482","reference_id":"RHSA-2026:24482","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24482"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24503","reference_id":"RHSA-2026:24503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24716","reference_id":"RHSA-2026:24716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-32281"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ghyf-2s7v-xkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63107?format=json","vulnerability_id":"VCID-nk4b-p773-huc4","summary":"crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32283.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32283","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05204","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05221","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05207","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05199","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05159","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32283"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456338","reference_id":"2456338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456338"},{"reference_url":"https://go.dev/cl/763767","reference_id":"763767","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://go.dev/cl/763767"},{"reference_url":"https://go.dev/issue/78334","reference_id":"78334","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://go.dev/issue/78334"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4870","reference_id":"GO-2026-4870","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:51:46Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4870"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11507","reference_id":"RHSA-2026:11507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11514","reference_id":"RHSA-2026:11514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11704","reference_id":"RHSA-2026:11704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11711","reference_id":"RHSA-2026:11711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11712","reference_id":"RHSA-2026:11712","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11863","reference_id":"RHSA-2026:11863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11881","reference_id":"RHSA-2026:11881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14162","reference_id":"RHSA-2026:14162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14200","reference_id":"RHSA-2026:14200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14391","reference_id":"RHSA-2026:14391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:15980","reference_id":"RHSA-2026:15980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:15980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16101","reference_id":"RHSA-2026:16101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16101"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16102","reference_id":"RHSA-2026:16102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16875","reference_id":"RHSA-2026:16875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17075","reference_id":"RHSA-2026:17075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17075"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17084","reference_id":"RHSA-2026:17084","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17084"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:17287","reference_id":"RHSA-2026:17287","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:17287"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18027","reference_id":"RHSA-2026:18027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:18032","reference_id":"RHSA-2026:18032","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:18032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19126","reference_id":"RHSA-2026:19126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19132","reference_id":"RHSA-2026:19132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19133","reference_id":"RHSA-2026:19133","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19133"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19134","reference_id":"RHSA-2026:19134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19135","reference_id":"RHSA-2026:19135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19136","reference_id":"RHSA-2026:19136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19136"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19137","reference_id":"RHSA-2026:19137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19139","reference_id":"RHSA-2026:19139","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19139"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19144","reference_id":"RHSA-2026:19144","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19144"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19156","reference_id":"RHSA-2026:19156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19350","reference_id":"RHSA-2026:19350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19351","reference_id":"RHSA-2026:19351","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19352","reference_id":"RHSA-2026:19352","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19353","reference_id":"RHSA-2026:19353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19353"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19369","reference_id":"RHSA-2026:19369","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19450","reference_id":"RHSA-2026:19450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19550","reference_id":"RHSA-2026:19550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19634","reference_id":"RHSA-2026:19634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19714","reference_id":"RHSA-2026:19714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19715","reference_id":"RHSA-2026:19715","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19719","reference_id":"RHSA-2026:19719","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19719"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19720","reference_id":"RHSA-2026:19720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19721","reference_id":"RHSA-2026:19721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19722","reference_id":"RHSA-2026:19722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19750","reference_id":"RHSA-2026:19750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19839","reference_id":"RHSA-2026:19839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19839"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20556","reference_id":"RHSA-2026:20556","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20556"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20569","reference_id":"RHSA-2026:20569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20570","reference_id":"RHSA-2026:20570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20571","reference_id":"RHSA-2026:20571","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20571"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20607","reference_id":"RHSA-2026:20607","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20608","reference_id":"RHSA-2026:20608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20609","reference_id":"RHSA-2026:20609","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20609"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21769","reference_id":"RHSA-2026:21769","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21769"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22347","reference_id":"RHSA-2026:22347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22423","reference_id":"RHSA-2026:22423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22450","reference_id":"RHSA-2026:22450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22485","reference_id":"RHSA-2026:22485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22709","reference_id":"RHSA-2026:22709","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22713","reference_id":"RHSA-2026:22713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22714","reference_id":"RHSA-2026:22714","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22714"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:22937","reference_id":"RHSA-2026:22937","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:22937"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23102","reference_id":"RHSA-2026:23102","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23102"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23103","reference_id":"RHSA-2026:23103","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23228","reference_id":"RHSA-2026:23228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23228"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:23345","reference_id":"RHSA-2026:23345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:23345"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24337","reference_id":"RHSA-2026:24337","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24337"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:24470","reference_id":"RHSA-2026:24470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:24470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-32283"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nk4b-p773-huc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63204?format=json","vulnerability_id":"VCID-pq6z-t1rz-eub4","summary":"golang: cmd/compile: possible memory corruption after bound check elimination","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06339","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06394","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06385","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06376","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06331","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456342","reference_id":"2456342","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456342"},{"reference_url":"https://go.dev/cl/763765","reference_id":"763765","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/cl/763765"},{"reference_url":"https://go.dev/issue/78333","reference_id":"78333","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://go.dev/issue/78333"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4868","reference_id":"GO-2026-4868","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:50:24Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16477","reference_id":"RHSA-2026:16477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16505","reference_id":"RHSA-2026:16505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16508","reference_id":"RHSA-2026:16508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16537","reference_id":"RHSA-2026:16537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20041","reference_id":"RHSA-2026:20041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21657","reference_id":"RHSA-2026:21657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-27143"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pq6z-t1rz-eub4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63199?format=json","vulnerability_id":"VCID-sgvb-gxas-fycq","summary":"cmd/go: golang: Go (golang) and cmd/go: Arbitrary Code Execution via malicious SWIG file names","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03514","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03532","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03545","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03531","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.0351","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27140"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341","reference_id":"2456341","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456341"},{"reference_url":"https://go.dev/cl/763768","reference_id":"763768","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/cl/763768"},{"reference_url":"https://go.dev/issue/78335","reference_id":"78335","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://go.dev/issue/78335"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4871","reference_id":"GO-2026-4871","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T03:55:58Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16494","reference_id":"RHSA-2026:16494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16497","reference_id":"RHSA-2026:16497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16498","reference_id":"RHSA-2026:16498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16694","reference_id":"RHSA-2026:16694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16694"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16697","reference_id":"RHSA-2026:16697","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16697"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16698","reference_id":"RHSA-2026:16698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16698"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-27140"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgvb-gxas-fycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63209?format=json","vulnerability_id":"VCID-w7sj-6zb8-e3he","summary":"html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32289.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32289","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.0146","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01458","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01466","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01468","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-32289"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456334","reference_id":"2456334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456334"},{"reference_url":"https://go.dev/cl/763762","reference_id":"763762","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://go.dev/cl/763762"},{"reference_url":"https://go.dev/issue/78331","reference_id":"78331","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://go.dev/issue/78331"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4865","reference_id":"GO-2026-4865","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:48:22Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-32289"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w7sj-6zb8-e3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63218?format=json","vulnerability_id":"VCID-z5mz-9r79-nkgr","summary":"golang: cmd/compile: no-op interface conversion bypasses overlap checking","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144","reference_id":"","reference_type":"","scores":[{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00323","published_at":"2026-06-09T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00463","published_at":"2026-06-05T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00331","published_at":"2026-06-06T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00325","published_at":"2026-06-07T12:55:00Z"},{"value":"6e-05","scoring_system":"epss","scoring_elements":"0.00322","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-27144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU","reference_id":"0uYbvbPZRWU","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456340","reference_id":"2456340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456340"},{"reference_url":"https://go.dev/cl/763764","reference_id":"763764","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/cl/763764"},{"reference_url":"https://go.dev/issue/78371","reference_id":"78371","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://go.dev/issue/78371"},{"reference_url":"https://pkg.go.dev/vuln/GO-2026-4867","reference_id":"GO-2026-4867","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:49:47Z/"}],"url":"https://pkg.go.dev/vuln/GO-2026-4867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10217","reference_id":"RHSA-2026:10217","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10217"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10219","reference_id":"RHSA-2026:10219","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10704","reference_id":"RHSA-2026:10704","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10704"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11688","reference_id":"RHSA-2026:11688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:11688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16021","reference_id":"RHSA-2026:16021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16024","reference_id":"RHSA-2026:16024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16477","reference_id":"RHSA-2026:16477","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16477"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16505","reference_id":"RHSA-2026:16505","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16505"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16508","reference_id":"RHSA-2026:16508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16537","reference_id":"RHSA-2026:16537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20041","reference_id":"RHSA-2026:20041","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:21657","reference_id":"RHSA-2026:21657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:21657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7291","reference_id":"RHSA-2026:7291","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7291"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7385","reference_id":"RHSA-2026:7385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/438516?format=json","purl":"pkg:apk/alpine/go@1.25.9-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2026-27144"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z5mz-9r79-nkgr"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/go@1.25.9-r0%3Farch=s390x&distroversion=v3.23&reponame=community"}