CVE-2025-58190 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Base Score

CVSS 3.x

EPSS Score

Percentile: 5%

Affected Products (NVD)

Vendor	Product	Version
go	html	𝑥 < 0.45.0

𝑥

= Vulnerable software versions

openSUSE / SLES Releases

openSUSE Product

Release

alloy

suse enterprise desktop 15 SP7	1.12.1-150700.15.12.1 fixed
suse enterprise sap 15 SP7	1.12.1-150700.15.12.1 fixed
suse enterprise server 15 SP7	1.12.1-150700.15.12.1 fixed

helm

suse enterprise sap 15 SP6	3.19.1-150000.1.57.1 fixed
suse enterprise sap 15 SP7	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP3	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP4	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP5	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP6	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP7	3.19.1-150000.1.57.1 fixed

helm-bash-completion

suse enterprise sap 15 SP6	3.19.1-150000.1.57.1 fixed
suse enterprise sap 15 SP7	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP3	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP4	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP5	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP6	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP7	3.19.1-150000.1.57.1 fixed

helm-zsh-completion

suse enterprise sap 15 SP6	3.19.1-150000.1.57.1 fixed
suse enterprise sap 15 SP7	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP3	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP4	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP5	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP6	3.19.1-150000.1.57.1 fixed
suse enterprise server 15 SP7	3.19.1-150000.1.57.1 fixed

Known Exploits!

https://github.com/golang/vulndb/issues/4441

Common Weakness Enumeration

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Vulnerability Media Exposure

[GERMAN] Splunk Splunk Enterprise: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.
Published: 2026-05-20T22:00:00+00:00

References

https://github.com/golang/vulndb/issues/4441

https://go.dev/cl/709875

https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c

https://pkg.go.dev/vuln/GO-2026-4441