System Vulnerabilities (172)
Last scan: 06:46:56
2 CRITICAL, 170 HIGH

| Severity | Package | Version | Fixed In | CVE | Title |
|---|---|---|---|---|---|
| HIGH | linux-headers-6.8.0-106 | 6.8.0-106.106 | 6.8.0-107.107 | CVE-2026-23111 | kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check |
| HIGH | linux-headers-6.8.0-106-generic | 6.8.0-106.106 | 6.8.0-107.107 | CVE-2026-23111 | kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check |
| HIGH | linux-modules-6.8.0-106-generic | 6.8.0-106.106 | 6.8.0-107.107 | CVE-2026-23111 | kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check |
| HIGH | linux-modules-extra-6.8.0-106-generic | 6.8.0-106.106 | 6.8.0-107.107 | CVE-2026-23111 | kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check |
| HIGH | linux-tools-6.8.0-106 | 6.8.0-106.106 | 6.8.0-107.107 | CVE-2026-23111 | kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check |
| HIGH | linux-tools-6.8.0-106-generic | 6.8.0-106.106 | 6.8.0-107.107 | CVE-2026-23111 | kernel: Kernel: Privilege escalation or denial of service in nf_tables via inverted element activity check |
| HIGH | @anthropic-ai/claude-code | 2.1.31 | 2.1.53 | CVE-2026-33068 | Claude Code has a Workspace Trust Dialog Bypass via Repo-Controlled Settings File |
| HIGH | Brotli | 1.1.0 | 1.2.0 | CVE-2025-6176 | Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS |
| HIGH | Scrapy | 2.14.1 | - | CVE-2017-14158 | Scrapy 1.4 allows remote attackers to cause a denial of service (memor ... |
| HIGH | Scrapy | 2.14.1 | 2.14.2 | GHSA-cwxj-rr6w-m6w7 | Scrapy: Arbitrary Module Import via Referrer-Policy Header in RefererMiddleware |
| HIGH | cryptography | 46.0.3 | 46.0.5 | CVE-2026-26007 | cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves |
| HIGH | cryptography | 46.0.3 | 46.0.5 | CVE-2026-26007 | cryptography: cryptography Subgroup Attack Due to Missing Subgroup Validation for SECT Curves |
| HIGH | pillow | 11.3.0 | 12.1.1 | CVE-2026-25990 | pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image |
| HIGH | pillow | 11.3.0 | 12.2.0 | CVE-2026-40192 | Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing |
| HIGH | pillow | 12.0.0 | 12.1.1 | CVE-2026-25990 | pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD Image |
| HIGH | pillow | 12.0.0 | 12.2.0 | CVE-2026-40192 | Pillow: Pillow: Denial of Service via decompression bomb in FITS image processing |
| HIGH | protobuf | 6.33.4 | 6.33.5, 5.29.6 | CVE-2026-0994 | python: protobuf: Protobuf: Denial of Service due to recursion depth bypass |
| HIGH | protobuf | 6.33.4 | 6.33.5, 5.29.6 | CVE-2026-0994 | python: protobuf: Protobuf: Denial of Service due to recursion depth bypass |
| HIGH | pyOpenSSL | 25.3.0 | 26.0.0 | CVE-2026-27459 | pyOpenSSL: DTLS cookie callback buffer overflow |
| HIGH | pyasn1 | 0.6.1 | 0.6.2 | CVE-2026-23490 | pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID |
| HIGH | pyasn1 | 0.6.1 | 0.6.3 | CVE-2026-30922 | pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion |
| HIGH | ujson | 5.11.0 | 5.12.0 | CVE-2026-32874 | UltraJSON: UltraJSON: Denial of Service due to memory leak when parsing large integers |
| HIGH | ujson | 5.11.0 | 5.12.0 | CVE-2026-32874 | UltraJSON: UltraJSON: Denial of Service due to memory leak when parsing large integers |
| HIGH | ujson | 5.11.0 | 5.12.0 | CVE-2026-32875 | ultrajson: UltraJSON: Denial of Service via large indent parameter in JSON serialization |
| HIGH | ujson | 5.11.0 | 5.12.0 | CVE-2026-32875 | ultrajson: UltraJSON: Denial of Service via large indent parameter in JSON serialization |
| HIGH | urllib3 | 2.6.1 | 2.6.3 | CVE-2026-21441 | urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API) |
| HIGH | weasyprint | 66.0 | 68.0 | CVE-2025-68616 | WeasyPrint: WeasyPrint Server-Side Request Forgery (SSRF) |
| HIGH | weasyprint | 66.0 | 68.0 | CVE-2025-68616 | WeasyPrint: WeasyPrint Server-Side Request Forgery (SSRF) |
| HIGH | wheel | 0.45.1 | 0.46.2 | CVE-2026-24049 | wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.24.13 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.24.13 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | stdlib | v1.25.7 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.7 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |
| HIGH | github.com/containerd/containerd | v1.7.28 | 1.7.29 | CVE-2024-25621 | github.com/containerd/containerd: containerd local privilege escalation |
| HIGH | github.com/containerd/containerd/v2 | v2.1.4 | 2.0.7, 2.1.5, 2.2.0 | CVE-2024-25621 | github.com/containerd/containerd: containerd local privilege escalation |
| HIGH | github.com/docker/cli | v28.3.3+incompatible | 29.2.0 | CVE-2025-15558 | docker/cli: Docker CLI for Windows: Privilege escalation via malicious plugin binaries |
| HIGH | github.com/docker/docker | v28.3.3+incompatible | 29.3.1 | CVE-2026-34040 | Moby: Moby: Authorization bypass vulnerability |
| HIGH | github.com/go-jose/go-jose/v4 | v4.1.1 | 4.1.4 | CVE-2026-34986 | github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object |
| HIGH | github.com/hashicorp/go-getter | v1.8.1 | 1.8.6 | CVE-2026-4660 | go-getter: go-getter: Arbitrary file reads via maliciously crafted URL |
| HIGH | github.com/moby/buildkit | v0.23.2 | 0.28.1 | CVE-2026-33747 | BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend |
| HIGH | github.com/moby/buildkit | v0.23.2 | 0.28.1 | CVE-2026-33748 | github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components |
| HIGH | github.com/moby/spdystream | v0.5.0 | 0.5.1 | CVE-2026-35469 | Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code |
| HIGH | github.com/opencontainers/selinux | v1.12.0 | 1.13.0 | CVE-2025-52881 | runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects |
| HIGH | github.com/sigstore/timestamp-authority | v1.2.2 | 2.0.3 | CVE-2025-66564 | github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing |
| HIGH | go.opentelemetry.io/otel/sdk | v1.37.0 | 1.40.0 | CVE-2026-24051 | OpenTelemetry Go SDK Vulnerable to Arbitrary Code Execution via PATH Hijacking |
| HIGH | go.opentelemetry.io/otel/sdk | v1.37.0 | 1.43.0 | CVE-2026-39883 | opentelemetry-go: BSD kenv command not using absolute path enables PATH hijacking |
| CRITICAL | google.golang.org/grpc | v1.75.0 | 1.79.3 | CVE-2026-33186 | google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation |
| CRITICAL | stdlib | v1.25.1 | 1.24.13, 1.25.7, 1.26.0-rc.3 | CVE-2025-68121 | crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption |
| HIGH | stdlib | v1.25.1 | 1.24.8, 1.25.2 | CVE-2025-58183 | golang: archive/tar: Unbounded allocation when parsing GNU sparse map |
| HIGH | stdlib | v1.25.1 | 1.24.12, 1.25.6 | CVE-2025-61726 | golang: net/url: Memory exhaustion in query parameter parsing in net/url |
| HIGH | stdlib | v1.25.1 | 1.24.12, 1.25.6 | CVE-2025-61728 | golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip |
| HIGH | stdlib | v1.25.1 | 1.24.11, 1.25.5 | CVE-2025-61729 | crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate |
| HIGH | stdlib | v1.25.1 | 1.25.8, 1.26.1 | CVE-2026-25679 | net/url: Incorrect parsing of IPv6 host literals in net/url |
| HIGH | stdlib | v1.25.1 | 1.25.9, 1.26.2 | CVE-2026-32280 | crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building |
| HIGH | stdlib | v1.25.1 | 1.25.9, 1.26.2 | CVE-2026-32281 | crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation |
| HIGH | stdlib | v1.25.1 | 1.25.9, 1.26.2 | CVE-2026-32283 | If one side of the TLS connection sends multiple key update messages p ... |