CVE-2026-33814 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 42%

Affected Products (NVD)

Vendor	Product	Version
golang	go	𝑥 < 1.25.10
golang	go	1.26.0 ≤ 𝑥 < 1.26.3
golang	http2	𝑥 < 0.53.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

golang-golang-x-net

bookworm	no-dsa
bullseye	no-dsa
forky	1:0.56.0-1 fixed
sid	1:0.56.0-1 fixed
trixie	no-dsa

openSUSE / SLES Releases

openSUSE Product

Release

azure-storage-azcopy

suse enterprise sap 15 SP4	10.32.4-150400.9.11.1 fixed
suse enterprise sap 15 SP5	10.32.4-150400.9.11.1 fixed
suse enterprise sap 15 SP6	10.32.4-150400.9.11.1 fixed
suse enterprise sap 15 SP7	10.32.4-150400.9.11.1 fixed
suse enterprise server 15 SP4	10.32.4-150400.9.11.1 fixed
suse enterprise server 15 SP5	10.32.4-150400.9.11.1 fixed
suse enterprise server 15 SP6	10.32.4-150400.9.11.1 fixed
suse enterprise server 15 SP7	10.32.4-150400.9.11.1 fixed

google-cloud-sap-agent

suse enterprise sap 15 SP4	3.14-150100.3.71.1 fixed
suse enterprise sap 15 SP5	3.14-150100.3.71.1 fixed
suse enterprise sap 15 SP6	3.14-150100.3.71.1 fixed
suse enterprise sap 15 SP7	3.14-150100.3.71.1 fixed
suse enterprise server 15 SP4	3.14-150100.3.71.1 fixed
suse enterprise server 15 SP5	3.14-150100.3.71.1 fixed
suse enterprise server 15 SP6	3.14-150100.3.71.1 fixed
suse enterprise server 15 SP7	3.14-150100.3.71.1 fixed

helm

suse enterprise sap 15 SP7	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP4	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP5	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP6	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP7	3.21.0-150000.1.75.1 fixed

helm-bash-completion

suse enterprise sap 15 SP7	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP4	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP5	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP6	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP7	3.21.0-150000.1.75.1 fixed

helm-zsh-completion

suse enterprise sap 15 SP7	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP4	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP5	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP6	3.21.0-150000.1.75.1 fixed
suse enterprise server 15 SP7	3.21.0-150000.1.75.1 fixed

ignition

suse enterprise server 15 SP6

2.14.0-150400.9.18.1

fixed

ignition-dracut-grub2

suse enterprise server 15 SP6

2.14.0-150400.9.18.1

fixed

terraform-provider-local

suse enterprise sap 15 SP4	2.0.0-150200.6.14.1 fixed
suse enterprise sap 15 SP5	2.0.0-150200.6.14.1 fixed
suse enterprise server 15 SP4	2.0.0-150200.6.14.1 fixed
suse enterprise server 15 SP5	2.0.0-150200.6.14.1 fixed

terraform-provider-null

suse enterprise sap 15 SP4	3.0.0-150200.6.15.1 fixed
suse enterprise sap 15 SP5	3.0.0-150200.6.15.1 fixed
suse enterprise server 15 SP4	3.0.0-150200.6.15.1 fixed
suse enterprise server 15 SP5	3.0.0-150200.6.15.1 fixed

Amazon Linux Releases

Amazon Package

Release

amazon-cloudwatch-agent

Amazon Linux 2	0:1.300066.2-2.amzn2 fixed
Amazon Linux 2023	0:1.300066.2-2.amzn2023 fixed

amazon-ecr-credential-helper

Amazon Linux 2023

0:0.12.0-3.amzn2023

fixed

amazon-ssm-agent

Amazon Linux 2	0:3.3.4515.0-1.amzn2 fixed
Amazon Linux 2023	0:3.3.4515.0-1.amzn2023 fixed

captree

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

captree-debuginfo

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

cni-plugins

Amazon Linux 2	0:1.7.1-1.amzn2.0.6 fixed
Amazon Linux 2023	0:1.7.1-1.amzn2023.0.6 fixed

cni-plugins-debuginfo

Amazon Linux 2	0:1.7.1-1.amzn2.0.6 fixed
Amazon Linux 2023	0:1.7.1-1.amzn2023.0.6 fixed

cni-plugins-debugsource

Amazon Linux 2023

0:1.7.1-1.amzn2023.0.6

fixed

compat-golang-github-cpuguy83-md2man-2-devel

Amazon Linux 2023

0:2.0.2-24.amzn2023.0.7

fixed

containerd

Amazon Linux 2023

0:2.2.3-1.amzn2023.0.2

fixed

containerd-debuginfo

Amazon Linux 2023

0:2.2.3-1.amzn2023.0.2

fixed

containerd-debugsource

Amazon Linux 2023

0:2.2.3-1.amzn2023.0.2

fixed

containerd-stress

Amazon Linux 2023

0:2.2.3-1.amzn2023.0.2

fixed

containerd-stress-debuginfo

Amazon Linux 2023

0:2.2.3-1.amzn2023.0.2

fixed

credentials-fetcher

Amazon Linux 2023

0:2.0.1-1.amzn2023.0.5

fixed

cri-tools

Amazon Linux 2

0:1.32.0-1.amzn2.0.6

fixed

cri-tools-debuginfo

Amazon Linux 2

0:1.32.0-1.amzn2.0.6

fixed

docker

Amazon Linux 2023

0:25.0.14-1.amzn2023.0.6

fixed

docker-debuginfo

Amazon Linux 2023

0:25.0.14-1.amzn2023.0.6

fixed

docker-debugsource

Amazon Linux 2023

0:25.0.14-1.amzn2023.0.6

fixed

ecs-init

Amazon Linux 2023

0:1.103.2-1.amzn2023

fixed

git-lfs

Amazon Linux 2023

0:3.7.1-80.amzn2023

fixed

git-lfs-debuginfo

Amazon Linux 2023

0:3.7.1-80.amzn2023

fixed

git-lfs-debugsource

Amazon Linux 2023

0:3.7.1-80.amzn2023

fixed

golang

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golang-bin

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golang-docs

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golang-github-burntsushi-toml

Amazon Linux 2023

0:1.5.0-1.amzn2023.0.1

fixed

golang-github-burntsushi-toml-debuginfo

Amazon Linux 2023

0:1.5.0-1.amzn2023.0.1

fixed

golang-github-burntsushi-toml-debugsource

Amazon Linux 2023

0:1.5.0-1.amzn2023.0.1

fixed

golang-github-burntsushi-toml-devel

Amazon Linux 2023

0:1.5.0-1.amzn2023.0.1

fixed

golang-github-burntsushi-toml-test

Amazon Linux 2023

0:0.2.0-8.amzn2023.0.3

fixed

golang-github-burntsushi-toml-test-debuginfo

Amazon Linux 2023

0:0.2.0-8.amzn2023.0.3

fixed

golang-github-burntsushi-toml-test-debugsource

Amazon Linux 2023

0:0.2.0-8.amzn2023.0.3

fixed

golang-github-burntsushi-toml-test-devel

Amazon Linux 2023

0:0.2.0-8.amzn2023.0.3

fixed

golang-github-cpuguy83-md2man

Amazon Linux 2023

0:2.0.2-24.amzn2023.0.7

fixed

golang-github-cpuguy83-md2man-debuginfo

Amazon Linux 2023

0:2.0.2-24.amzn2023.0.7

fixed

golang-github-cpuguy83-md2man-debugsource

Amazon Linux 2023

0:2.0.2-24.amzn2023.0.7

fixed

golang-github-cpuguy83-md2man-devel

Amazon Linux 2023

0:2.0.2-24.amzn2023.0.7

fixed

golang-misc

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golang-shared

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golang-src

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golang-tests

Amazon Linux 2	0:1.25.10-1.amzn2.0.1 fixed
Amazon Linux 2023	0:1.25.10-1.amzn2023.0.1 fixed

golist

Amazon Linux 2	0:0.10.1-10.amzn2.0.13 fixed
Amazon Linux 2023	0:0.10.4-12.amzn2023.0.9 fixed

golist-debuginfo

Amazon Linux 2	0:0.10.1-10.amzn2.0.13 fixed
Amazon Linux 2023	0:0.10.4-12.amzn2023.0.9 fixed

golist-debugsource

Amazon Linux 2023

0:0.10.4-12.amzn2023.0.9

fixed

libcap

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

libcap-debuginfo

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

libcap-debugsource

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

libcap-devel

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

libcap-static

Amazon Linux 2023

0:2.73-1.amzn2023.0.7

fixed

nerdctl

Amazon Linux 2	0:2.2.2-1.amzn2.0.2 fixed
Amazon Linux 2023	0:2.2.2-1.amzn2023.0.2 fixed

nerdctl-debuginfo

Amazon Linux 2

0:2.2.2-1.amzn2.0.2

fixed

oci-add-hooks

Amazon Linux 2023

0:0-0.1.20200504git268e3bb.amzn2023.0.11

fixed

oci-add-hooks-debuginfo

Amazon Linux 2023

0:0-0.1.20200504git268e3bb.amzn2023.0.11

fixed

oci-add-hooks-debugsource

Amazon Linux 2023

0:0-0.1.20200504git268e3bb.amzn2023.0.11

fixed

rclone

Amazon Linux 2	0:1.55.1-1.amzn2.0.6 fixed
Amazon Linux 2023	0:1.73.5-76.amzn2023 fixed

rclone-debuginfo

Amazon Linux 2	0:1.55.1-1.amzn2.0.6 fixed
Amazon Linux 2023	0:1.73.5-76.amzn2023 fixed

rclone-debugsource

Amazon Linux 2023

0:1.73.5-76.amzn2023

fixed

runc

Amazon Linux 2023

0:1.3.4-5.amzn2023.0.2

fixed

runc-debuginfo

Amazon Linux 2023

0:1.3.4-5.amzn2023.0.2

fixed

runc-debugsource

Amazon Linux 2023

0:1.3.4-5.amzn2023.0.2

fixed

runfinch-finch

Amazon Linux 2023

0:1.17.0-1.amzn2023.0.2

fixed

soci-snapshotter

Amazon Linux 2023

0:0.13.0-1.amzn2023.0.3

fixed

Amazon Linux 2023

0:4.47.1-13.amzn2023

fixed

yq-debuginfo

Amazon Linux 2023

0:4.47.1-13.amzn2023

fixed

yq-debugsource

Amazon Linux 2023

0:4.47.1-13.amzn2023

fixed

Azure Linux Releases

Azure Package

Release

application-gateway-kubernetes-ingress

Azure Linux 3.0

0:1.7.7-5.azl3

fixed

azurelinux-image-tools

Azure Linux 3.0

0:1.4.0-2.azl3

fixed

cert-manager

Azure Linux 3.0

0:1.12.15-9.azl3

fixed

containerd2

Azure Linux 3.0

0:2.2.4-2.azl3

fixed

containerized-data-importer

Azure Linux 3.0

0:1.62.0-6.azl3

fixed

etcd

Azure Linux 3.0

0:3.5.30-2.azl3

fixed

golang

Azure Linux 3.0

0:1.26.3-1.azl3

fixed

ignition-flatcar

Azure Linux 3.0

0:2.22.0-5.azl3

fixed

kata-containers

Azure Linux 3.0

0:3.19.1.kata3-4.azl3

fixed

kata-containers-cc

Azure Linux 3.0

0:3.15.0.aks0-12.azl3

fixed

kubevirt

Azure Linux 3.0

0:1.7.1-7.azl3

fixed

packer

Azure Linux 3.0

0:1.9.5-15.azl3

fixed

Common Weakness Enumeration

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

Vulnerability Media Exposure

[GERMAN] Golang Go: Mehrere Schwachstellen
Ein Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um Sicherheitsvorkehrungen zu umgehen, Daten zu manipulieren, Cross-Site-Scripting-Angriffe durchzuführen, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand zu verursachen.
Published: 2026-05-07T22:00:00+00:00

References

https://go.dev/cl/761581

https://go.dev/cl/761640

https://go.dev/issue/78476

https://groups.google.com/g/golang-announce/c/qcCIEXso47M

https://pkg.go.dev/vuln/GO-2026-4918