CVE-2025-61726 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 13%

Affected Products (NVD)

Vendor	Product	Version
golang	go	𝑥 < 1.24.12
golang	go	1.25.0 ≤ 𝑥 < 1.25.6

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

golang-1.15

bullseye

postponed

golang-1.19

bookworm

no-dsa

golang-1.24

trixie

no-dsa

golang-1.25

forky	1.25.10-1 fixed
sid	1.25.10-2 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

buildah

RHEL 9

2:1.41.8-2.el9_7

fixed

buildah-tests

RHEL 9

2:1.41.8-2.el9_7

fixed

containernetworking-plugins

RHEL 9

1:1.7.1-3.el9_7

fixed

git-lfs

RHEL 9

0:3.6.1-7.el9_7

fixed

go-filesystem

RHEL 9

0:3.6.0-13.el9_7

fixed

go-rpm-macros

RHEL 9

0:3.6.0-13.el9_7

fixed

go-rpm-templates

RHEL 9

0:3.6.0-13.el9_7

fixed

go-srpm-macros

RHEL 9

0:3.6.0-13.el9_7

fixed

go-toolset

RHEL 9

0:1.25.7-1.el9_7

fixed

golang

RHEL 9

0:1.25.7-1.el9_7

fixed

golang-bin

RHEL 9

0:1.25.7-1.el9_7

fixed

golang-docs

RHEL 9

0:1.25.7-1.el9_7

fixed

golang-misc

RHEL 9

0:1.25.7-1.el9_7

fixed

golang-race

RHEL 9

0:1.25.7-1.el9_7

fixed

golang-src

RHEL 9

0:1.25.7-1.el9_7

fixed

golang-tests

RHEL 9

0:1.25.7-1.el9_7

fixed

grafana

RHEL 8	0:9.2.10-28.el8_10 fixed
RHEL 8.2 AUS	0:6.3.6-10.el8_2 fixed
RHEL 9	0:10.2.6-18.el9_7 fixed

grafana-azure-monitor

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-cloudwatch

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-elasticsearch

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-graphite

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-influxdb

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-loki

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-mssql

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-mysql

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-opentsdb

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-pcp

RHEL 9

0:5.1.1-12.el9_7

fixed

grafana-postgres

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-prometheus

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

grafana-selinux

RHEL 8	0:9.2.10-28.el8_10 fixed
RHEL 9	0:10.2.6-18.el9_7 fixed

grafana-stackdriver

RHEL 8.2 AUS

0:6.3.6-10.el8_2

fixed

image-builder

RHEL 9

0:31-3.el9_7

fixed

opentelemetry-collector

RHEL 9

0:0.144.0-1.el9_7

fixed

osbuild-composer

RHEL 8	0:101.4-4.el8_10 fixed
RHEL 8.4 AUS	0:28.7-5.el8_4 fixed
RHEL 8.6 AUS	0:46.3-6.el8_6 fixed
RHEL 8.6 E4S	0:46.3-6.el8_6 fixed
RHEL 8.6 TUS	0:46.3-6.el8_6 fixed
RHEL 8.8 E4S	0:75-7.el8_8 fixed
RHEL 8.8 TUS	0:75-7.el8_8 fixed
RHEL 9	0:149-4.el9_7 fixed

osbuild-composer-core

RHEL 8	0:101.4-4.el8_10 fixed
RHEL 8.4 AUS	0:28.7-5.el8_4 fixed
RHEL 8.6 AUS	0:46.3-6.el8_6 fixed
RHEL 8.6 E4S	0:46.3-6.el8_6 fixed
RHEL 8.6 TUS	0:46.3-6.el8_6 fixed
RHEL 8.8 E4S	0:75-7.el8_8 fixed
RHEL 8.8 TUS	0:75-7.el8_8 fixed
RHEL 9	0:149-4.el9_7 fixed

osbuild-composer-dnf-json

RHEL 8.6 AUS	0:46.3-6.el8_6 fixed
RHEL 8.6 E4S	0:46.3-6.el8_6 fixed
RHEL 8.6 TUS	0:46.3-6.el8_6 fixed
RHEL 8.8 E4S	0:75-7.el8_8 fixed
RHEL 8.8 TUS	0:75-7.el8_8 fixed

osbuild-composer-worker

RHEL 8	0:101.4-4.el8_10 fixed
RHEL 8.4 AUS	0:28.7-5.el8_4 fixed
RHEL 8.6 AUS	0:46.3-6.el8_6 fixed
RHEL 8.6 E4S	0:46.3-6.el8_6 fixed
RHEL 8.6 TUS	0:46.3-6.el8_6 fixed
RHEL 8.8 E4S	0:75-7.el8_8 fixed
RHEL 8.8 TUS	0:75-7.el8_8 fixed
RHEL 9	0:149-4.el9_7 fixed

podman

RHEL 9

6:5.6.0-14.el9_7

fixed

podman-docker

RHEL 9

6:5.6.0-14.el9_7

fixed

podman-plugins

RHEL 9

6:5.6.0-14.el9_7

fixed

podman-remote

RHEL 9

6:5.6.0-14.el9_7

fixed

podman-tests

RHEL 9

6:5.6.0-14.el9_7

fixed

rhc

RHEL 9

1:0.2.7-2.el9_7

fixed

rhc-devel

RHEL 9

1:0.2.7-2.el9_7

fixed

runc

RHEL 9

4:1.4.0-2.el9_7

fixed

skopeo

RHEL 9

2:1.20.0-3.el9_7

fixed

skopeo-tests

RHEL 9

2:1.20.0-3.el9_7

fixed

Common Weakness Enumeration

CWE-770 - Allocation of Resources Without Limits or Throttling
The software allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

Vulnerability Media Exposure

[GERMAN] Splunk Splunk Enterprise: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Splunk Splunk Enterprise ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.
Published: 2026-05-20T22:00:00+00:00

References

https://go.dev/cl/736712

https://go.dev/issue/77101

https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc

https://pkg.go.dev/vuln/GO-2026-4341