[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fioVKiOg1C3HmDJO84FxQOmbp7dOesm6LBwcbqFlXqf8":3},{"product":4,"cycleMajor":14,"releases":15,"cves":118,"nextMajor":9},{"id":5,"slug":6,"name":7,"category":8,"vendor":9,"description":10,"logo_url":11,"official_url":9,"synced_at":12,"created_at":13},"18cced06-62ba-4e9f-b465-c89855b9d411","go","Go","language",null,"Go is a high-level, general-purpose programming language that is statically typed and compiled. It is known for the simplicity of its syntax and the efficiency of development that it enables through the inclusion of a large standard library supplying…","https:\u002F\u002Fcdn.simpleicons.org\u002Fgo","2026-06-09T20:02:18.512+00:00","2026-05-30T16:23:55.845073+00:00","1",[16,24,29,35,41,47,53,58,64,70,76,82,88,94,100,106,112],{"id":17,"product_id":5,"cycle":18,"release_date":19,"eol":9,"eol_boolean":20,"latest":21,"latest_release_date":22,"lts":20,"support":9,"created_at":23},"95f85c9c-f534-4d58-81ad-e3a8191f6c15","1.26","2026-02-11",false,"1.26.4","2026-06-02","2026-05-30T16:26:00.806409+00:00",{"id":25,"product_id":5,"cycle":26,"release_date":27,"eol":9,"eol_boolean":20,"latest":28,"latest_release_date":22,"lts":20,"support":9,"created_at":23},"25508c57-2738-4e29-a2e0-0495266979b9","1.25","2025-08-12","1.25.11",{"id":30,"product_id":5,"cycle":31,"release_date":32,"eol":19,"eol_boolean":9,"latest":33,"latest_release_date":34,"lts":20,"support":9,"created_at":23},"23833a1b-4492-4ef9-8a27-ff48f20d76e7","1.24","2025-02-11","1.24.13","2026-02-04",{"id":36,"product_id":5,"cycle":37,"release_date":38,"eol":27,"eol_boolean":9,"latest":39,"latest_release_date":40,"lts":20,"support":9,"created_at":23},"d72e20cd-19cd-4b71-ba50-f7ab6183cb7d","1.23","2024-08-13","1.23.12","2025-08-06",{"id":42,"product_id":5,"cycle":43,"release_date":44,"eol":32,"eol_boolean":9,"latest":45,"latest_release_date":46,"lts":20,"support":9,"created_at":23},"9581fdcf-bf86-4564-92c3-a1ea6727c28c","1.22","2024-02-06","1.22.12","2025-02-04",{"id":48,"product_id":5,"cycle":49,"release_date":50,"eol":38,"eol_boolean":9,"latest":51,"latest_release_date":52,"lts":20,"support":9,"created_at":23},"66536128-7941-405b-b475-89097745faa9","1.21","2023-08-08","1.21.13","2024-08-06",{"id":54,"product_id":5,"cycle":55,"release_date":56,"eol":44,"eol_boolean":9,"latest":57,"latest_release_date":44,"lts":20,"support":9,"created_at":23},"cf57127b-014c-4697-9ff9-e64e6af53d6d","1.20","2023-02-01","1.20.14",{"id":59,"product_id":5,"cycle":60,"release_date":61,"eol":62,"eol_boolean":9,"latest":63,"latest_release_date":62,"lts":20,"support":9,"created_at":23},"2de85ebc-415b-4edc-8bd3-0030ed3807e7","1.19","2022-08-02","2023-09-06","1.19.13",{"id":65,"product_id":5,"cycle":66,"release_date":67,"eol":56,"eol_boolean":9,"latest":68,"latest_release_date":69,"lts":20,"support":9,"created_at":23},"9fd836e1-fce2-4d36-9323-cdc0cb6ce4f4","1.18","2022-03-15","1.18.10","2023-01-10",{"id":71,"product_id":5,"cycle":72,"release_date":73,"eol":61,"eol_boolean":9,"latest":74,"latest_release_date":75,"lts":20,"support":9,"created_at":23},"68649bdc-4ee7-4b60-8ddc-2f64c536dcfd","1.17","2021-08-16","1.17.13","2022-08-01",{"id":77,"product_id":5,"cycle":78,"release_date":79,"eol":67,"eol_boolean":9,"latest":80,"latest_release_date":81,"lts":20,"support":9,"created_at":23},"2c429cc7-7c36-4044-9267-711fae138847","1.16","2021-02-16","1.16.15","2022-03-03",{"id":83,"product_id":5,"cycle":84,"release_date":85,"eol":73,"eol_boolean":9,"latest":86,"latest_release_date":87,"lts":20,"support":9,"created_at":23},"c54e1fcb-ed05-411b-95d7-812b088f06c6","1.15","2020-08-11","1.15.15","2021-08-04",{"id":89,"product_id":5,"cycle":90,"release_date":91,"eol":79,"eol_boolean":9,"latest":92,"latest_release_date":93,"lts":20,"support":9,"created_at":23},"5b7f0ff6-d8a6-4d8e-83f8-25ab17864854","1.14","2020-02-25","1.14.15","2021-02-04",{"id":95,"product_id":5,"cycle":96,"release_date":97,"eol":85,"eol_boolean":9,"latest":98,"latest_release_date":99,"lts":20,"support":9,"created_at":23},"d1b09a01-33d2-47fd-8a7c-33d72800dc30","1.13","2019-09-03","1.13.15","2020-08-06",{"id":101,"product_id":5,"cycle":102,"release_date":103,"eol":91,"eol_boolean":9,"latest":104,"latest_release_date":105,"lts":20,"support":9,"created_at":23},"317d8cd0-273e-4268-b410-605c7016e75b","1.12","2019-02-25","1.12.17","2020-02-12",{"id":107,"product_id":5,"cycle":108,"release_date":109,"eol":97,"eol_boolean":9,"latest":110,"latest_release_date":111,"lts":20,"support":9,"created_at":23},"9e3094c3-8342-4ede-b3c2-0dd74db281b2","1.11","2018-08-24","1.11.13","2019-08-13",{"id":113,"product_id":5,"cycle":114,"release_date":115,"eol":103,"eol_boolean":9,"latest":116,"latest_release_date":117,"lts":20,"support":9,"created_at":23},"e863ca04-9fc4-4cd7-959b-49886d1f5922","1.10","2018-02-16","1.10.8","2019-01-23",[119,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,237,238,239,240,241,242,243,244,245,246,247,248,249,250,251,252,253,261,267,268,269,270,271,272,273,274,275,276,277,278,279,280,281,282,283,284,285,286,287,288,289,290,291,292,293,294,295,296,297,298,299,306,307,308,309,310,311,312,313,314,315,316,317,318,319,320,321,322,329,330,331,332,333,334,335,336,337,338,339,340,346,347,348,349,350,351,352,353,354,355,356,357,358,359,360,361,362,363,364,365,366],{"cveId":120,"releaseId":101,"cycle":102,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},"CVE-2026-33811","When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.","HIGH",7.5,0.00018,"2026-05-07T20:16:42.77+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-33811",{"cveId":120,"releaseId":25,"cycle":26,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":30,"cycle":31,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":36,"cycle":37,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":42,"cycle":43,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":48,"cycle":49,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":54,"cycle":55,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":59,"cycle":60,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":65,"cycle":66,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":71,"cycle":72,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":77,"cycle":78,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":83,"cycle":84,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":89,"cycle":90,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":95,"cycle":96,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":107,"cycle":108,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":113,"cycle":114,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":120,"releaseId":17,"cycle":18,"description":121,"severity":122,"cvssScore":123,"epssScore":124,"inKev":20,"publishedAt":125,"url":126},{"cveId":144,"releaseId":25,"cycle":26,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},"CVE-2026-33814","When processing HTTP\u002F2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.",0.0002,"2026-05-07T20:16:42.88+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-33814",{"cveId":144,"releaseId":30,"cycle":31,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":36,"cycle":37,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":42,"cycle":43,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":48,"cycle":49,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":54,"cycle":55,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":59,"cycle":60,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":65,"cycle":66,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":71,"cycle":72,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":77,"cycle":78,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":83,"cycle":84,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":89,"cycle":90,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":95,"cycle":96,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":101,"cycle":102,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":107,"cycle":108,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":113,"cycle":114,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":144,"releaseId":17,"cycle":18,"description":145,"severity":122,"cvssScore":123,"epssScore":146,"inKev":20,"publishedAt":147,"url":148},{"cveId":166,"releaseId":77,"cycle":78,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},"CVE-2026-39820","Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.",0.00058,"2026-05-07T20:16:43.187+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39820",{"cveId":166,"releaseId":25,"cycle":26,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":30,"cycle":31,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":36,"cycle":37,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":42,"cycle":43,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":48,"cycle":49,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":54,"cycle":55,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":59,"cycle":60,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":65,"cycle":66,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":71,"cycle":72,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":83,"cycle":84,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":89,"cycle":90,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":95,"cycle":96,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":101,"cycle":102,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":107,"cycle":108,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":113,"cycle":114,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":166,"releaseId":17,"cycle":18,"description":167,"severity":122,"cvssScore":123,"epssScore":168,"inKev":20,"publishedAt":169,"url":170},{"cveId":188,"releaseId":25,"cycle":26,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},"CVE-2026-39836","The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).",0.00021,"2026-05-07T20:16:43.593+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39836",{"cveId":188,"releaseId":30,"cycle":31,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":36,"cycle":37,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":42,"cycle":43,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":48,"cycle":49,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":54,"cycle":55,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":59,"cycle":60,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":65,"cycle":66,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":71,"cycle":72,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":77,"cycle":78,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":83,"cycle":84,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":89,"cycle":90,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":95,"cycle":96,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":101,"cycle":102,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":107,"cycle":108,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":113,"cycle":114,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":188,"releaseId":17,"cycle":18,"description":189,"severity":122,"cvssScore":123,"epssScore":190,"inKev":20,"publishedAt":191,"url":192},{"cveId":210,"releaseId":25,"cycle":26,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},"CVE-2026-42499","Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.",0.00024,"2026-05-07T20:16:44.54+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-42499",{"cveId":210,"releaseId":30,"cycle":31,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":36,"cycle":37,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":42,"cycle":43,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":48,"cycle":49,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":54,"cycle":55,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":59,"cycle":60,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":65,"cycle":66,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":71,"cycle":72,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":77,"cycle":78,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":83,"cycle":84,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":89,"cycle":90,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":95,"cycle":96,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":101,"cycle":102,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":107,"cycle":108,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":113,"cycle":114,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":210,"releaseId":17,"cycle":18,"description":211,"severity":122,"cvssScore":123,"epssScore":212,"inKev":20,"publishedAt":213,"url":214},{"cveId":232,"releaseId":25,"cycle":26,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},"CVE-2026-42501","A malicious module proxy can exploit a flaw in the go command's validation of module checksums to bypass checksum database validation. This vulnerability affects any user using an untrusted module proxy (GOMODPROXY) or checksum database (GOSUMDB). A malicious module proxy can serve altered versions of the Go toolchain. When selecting a different version of the Go toolchain than the currently installed toolchain (due to the GOTOOLCHAIN environment variable, or a go.work or go.mod with a toolchain",0.00009,"2026-05-07T20:16:44.643+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-42501",{"cveId":232,"releaseId":30,"cycle":31,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":36,"cycle":37,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":42,"cycle":43,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":48,"cycle":49,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":54,"cycle":55,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":59,"cycle":60,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":65,"cycle":66,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":71,"cycle":72,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":77,"cycle":78,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":83,"cycle":84,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":89,"cycle":90,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":95,"cycle":96,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":101,"cycle":102,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":107,"cycle":108,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":113,"cycle":114,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":232,"releaseId":17,"cycle":18,"description":233,"severity":122,"cvssScore":123,"epssScore":234,"inKev":20,"publishedAt":235,"url":236},{"cveId":254,"releaseId":25,"cycle":26,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},"CVE-2026-39823","CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a \u003Cmeta> tag's \u003Ccontent> attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the \u003Ccontent> attribute, the escaper would fail to similarly escape it, leading to XSS.","MEDIUM",6.1,0.00011,"2026-05-07T20:16:43.29+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39823",{"cveId":262,"releaseId":17,"cycle":18,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},"CVE-2026-39826","If a trusted template author were to write a \u003Cscript> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the \u003Cscript> block.",0.00014,"2026-05-07T20:16:43.49+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39826",{"cveId":262,"releaseId":113,"cycle":114,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":107,"cycle":108,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":101,"cycle":102,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":95,"cycle":96,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":89,"cycle":90,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":83,"cycle":84,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":77,"cycle":78,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":71,"cycle":72,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":59,"cycle":60,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":54,"cycle":55,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":48,"cycle":49,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":42,"cycle":43,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":36,"cycle":37,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":30,"cycle":31,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":262,"releaseId":25,"cycle":26,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":254,"releaseId":17,"cycle":18,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":113,"cycle":114,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":107,"cycle":108,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":101,"cycle":102,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":95,"cycle":96,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":89,"cycle":90,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":83,"cycle":84,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":77,"cycle":78,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":262,"releaseId":65,"cycle":66,"description":263,"severity":256,"cvssScore":257,"epssScore":264,"inKev":20,"publishedAt":265,"url":266},{"cveId":254,"releaseId":71,"cycle":72,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":65,"cycle":66,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":59,"cycle":60,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":54,"cycle":55,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":48,"cycle":49,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":42,"cycle":43,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":30,"cycle":31,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":254,"releaseId":36,"cycle":37,"description":255,"severity":256,"cvssScore":257,"epssScore":258,"inKev":20,"publishedAt":259,"url":260},{"cveId":300,"releaseId":113,"cycle":114,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},"CVE-2026-39817","The \"go tool pack\" subcommand (usually used only by the compiler as an internal tool with known-good inputs) does not sanitize output filenames. Extracting a malicious archive file with the \"pack\" subcommand can write files to arbitrary locations on the filesystem.",5.9,0.00006,"2026-05-07T20:16:42.983+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39817",{"cveId":300,"releaseId":25,"cycle":26,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":30,"cycle":31,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":36,"cycle":37,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":42,"cycle":43,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":48,"cycle":49,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":54,"cycle":55,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":59,"cycle":60,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":65,"cycle":66,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":71,"cycle":72,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":77,"cycle":78,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":83,"cycle":84,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":89,"cycle":90,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":95,"cycle":96,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":101,"cycle":102,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":107,"cycle":108,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":300,"releaseId":17,"cycle":18,"description":301,"severity":256,"cvssScore":302,"epssScore":303,"inKev":20,"publishedAt":304,"url":305},{"cveId":323,"releaseId":17,"cycle":18,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},"CVE-2026-39819","The \"go bug\" command writes to two files with predictable names in the system temporary directory (for example, \"\u002Ftmp\"). An attacker with access to the temporary directory can create a symlink in one of these names, causing \"go bug\" to overwrite the target of the symlink.",5.3,0.0001,"2026-05-07T20:16:43.083+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39819",{"cveId":323,"releaseId":113,"cycle":114,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":107,"cycle":108,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":101,"cycle":102,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":95,"cycle":96,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":89,"cycle":90,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":83,"cycle":84,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":77,"cycle":78,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":71,"cycle":72,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":65,"cycle":66,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":59,"cycle":60,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":54,"cycle":55,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":341,"releaseId":17,"cycle":18,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},"CVE-2026-39825","ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a que",0.00013,"2026-05-07T20:16:43.39+00:00","https:\u002F\u002Fnvd.nist.gov\u002Fvuln\u002Fdetail\u002FCVE-2026-39825",{"cveId":323,"releaseId":48,"cycle":49,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":42,"cycle":43,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":36,"cycle":37,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":30,"cycle":31,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":323,"releaseId":25,"cycle":26,"description":324,"severity":256,"cvssScore":325,"epssScore":326,"inKev":20,"publishedAt":327,"url":328},{"cveId":341,"releaseId":25,"cycle":26,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":113,"cycle":114,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":107,"cycle":108,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":101,"cycle":102,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":95,"cycle":96,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":89,"cycle":90,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":83,"cycle":84,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":77,"cycle":78,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":71,"cycle":72,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":65,"cycle":66,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":59,"cycle":60,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":54,"cycle":55,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":48,"cycle":49,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":42,"cycle":43,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":36,"cycle":37,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345},{"cveId":341,"releaseId":30,"cycle":31,"description":342,"severity":256,"cvssScore":325,"epssScore":343,"inKev":20,"publishedAt":344,"url":345}]