go toolchain

Top products

The 15 most recently published vulnerabilities affecting go toolchain.

• CVE-2026-42501Malicious module proxy can bypass checksum database in cmd/go7.5May 7, 2026
• CVE-2026-39817Invoking "go tool pack" does not sanitize output paths in cmd/go5.9May 7, 2026
• CVE-2026-39819Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go5.3May 7, 2026
• CVE-2026-27143Missing bound checks can lead to memory corruption in safe Go in cmd/compile9.8Apr 8, 2026
• CVE-2026-27140Code execution vulnerability in SWIG code generation in cmd/go8.8Apr 8, 2026
• CVE-2026-27144Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile7.1Apr 8, 2026
• CVE-2025-61732Potential code smuggling via doc comments in cmd/cgo8.6Feb 5, 2026
• CVE-2025-68119Unexpected code execution when invoking toolchain in cmd/go7.0Jan 28, 2026
• CVE-2025-61731Arbitrary file write using cgo pkg-config directive in cmd/go7.8Jan 28, 2026
• CVE-2025-4674Unexpected command execution in untrusted VCS repositories in cmd/go8.6Jul 29, 2025
• CVE-2025-22867Arbitrary code execution during build on darwin in cmd/go7.5Feb 6, 2025
• CVE-2024-45340GOAUTH credential leak in cmd/go8.8Jan 28, 2025
• CVE-2023-24531Output of "go env" does not sanitize values in cmd/go9.8Jul 2, 2024
• CVE-2024-24787Arbitrary code execution during build on Darwin in cmd/go6.4May 8, 2024
• CVE-2023-45285Command 'go get' may unexpectedly fallback to insecure git in cmd/go7.5Dec 6, 2023