CVE-2026-27143 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Affected Products (NVD)

Vendor	Product	Version
golang	go	𝑥 < 1.25.9
golang	go	1.26.0 ≤ 𝑥 < 1.26.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

golang-1.15

bullseye

postponed

golang-1.19

bookworm

no-dsa

golang-1.24

trixie

no-dsa

golang-1.25

forky	1.25.10-1 fixed
sid	1.25.10-2 fixed

golang-1.26

forky	1.26.3-1 fixed
sid	1.26.3-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

golang

jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.6

jammy	dne
noble	dne
questing	dne
resolute	dne
xenial	needs-triage

golang-1.8

bionic	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.9

bionic	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.10

bionic	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne
trusty	needs-triage
xenial	needs-triage

golang-1.13

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	dne
questing	dne
resolute	dne
xenial	ignored

golang-1.14

focal	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.16

bionic	needs-triage
focal	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.17

jammy	needs-triage
noble	dne
questing	dne
resolute	dne

golang-1.18

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	dne
questing	dne
resolute	dne
xenial	ignored

golang-1.20

focal	needs-triage
jammy	needs-triage
noble	dne
questing	dne
resolute	dne

golang-1.21

focal	needs-triage
jammy	needs-triage
noble	needs-triage
questing	dne
resolute	dne

golang-1.22

focal	needs-triage
jammy	needs-triage
noble	needs-triage
questing	dne
resolute	dne

golang-1.23

jammy	needs-triage
noble	needs-triage
questing	needs-triage
resolute	needs-triage

golang-1.24

jammy	needs-triage
noble	needs-triage
questing	needs-triage
resolute	needs-triage

golang-1.25

jammy	dne
noble	dne
questing	needs-triage
resolute	needs-triage

Red Hat Enterprise Linux Releases

Red Hat Product

Release

go-toolset

RHEL 9

0:1.25.9-1.el9_7

fixed

golang

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-bin

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-docs

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-misc

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-race

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-src

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-tests

RHEL 9

0:1.25.9-1.el9_7

fixed

Vulnerability Media Exposure

[GERMAN] Golang Go: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Speicherbeschädigungen zu verursachen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Published: 2026-04-07T22:00:00+00:00

References

https://go.dev/cl/763765

https://go.dev/issue/78333

https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU

https://pkg.go.dev/vuln/GO-2026-4868