CVE-2026-27144 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.1 HIGH	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Affected Products (NVD)

Vendor	Product	Version
golang	go	𝑥 < 1.25.9
golang	go	1.26.0 ≤ 𝑥 < 1.26.2

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

golang

jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.6

jammy	dne
noble	dne
questing	dne
resolute	dne
xenial	needs-triage

golang-1.8

bionic	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.9

bionic	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.10

bionic	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne
trusty	needs-triage
xenial	needs-triage

golang-1.13

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	dne
questing	dne
resolute	dne
xenial	ignored

golang-1.14

focal	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.16

bionic	needs-triage
focal	needs-triage
jammy	dne
noble	dne
questing	dne
resolute	dne

golang-1.17

jammy	needs-triage
noble	dne
questing	dne
resolute	dne

golang-1.18

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	dne
questing	dne
resolute	dne
xenial	ignored

golang-1.20

focal	needs-triage
jammy	needs-triage
noble	dne
questing	dne
resolute	dne

golang-1.21

focal	needs-triage
jammy	needs-triage
noble	needs-triage
questing	dne
resolute	dne

golang-1.22

focal	needs-triage
jammy	needs-triage
noble	needs-triage
questing	dne
resolute	dne

golang-1.23

jammy	needs-triage
noble	needs-triage
questing	needs-triage
resolute	needs-triage

golang-1.24

jammy	needs-triage
noble	needs-triage
questing	needs-triage
resolute	needs-triage

golang-1.25

jammy	dne
noble	dne
questing	needs-triage
resolute	needs-triage

Red Hat Enterprise Linux Releases

Red Hat Product

Release

go-toolset

RHEL 9

0:1.25.9-1.el9_7

fixed

golang

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-bin

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-docs

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-misc

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-race

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-src

RHEL 9

0:1.25.9-1.el9_7

fixed

golang-tests

RHEL 9

0:1.25.9-1.el9_7

fixed

Common Weakness Enumeration

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.

Vulnerability Media Exposure

[GERMAN] Golang Go: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Speicherbeschädigungen zu verursachen, beliebigen Code auszuführen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand auszulösen oder andere, nicht näher spezifizierte Angriffe durchzuführen.
Published: 2026-04-07T22:00:00+00:00

References

https://go.dev/cl/763764

https://go.dev/issue/78371

https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU

https://pkg.go.dev/vuln/GO-2026-4867