浏览 102+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。
| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-32280 | Unexpected work during chain building in crypto/x509 | Go standard library | crypto/x509 | - | - | 2026-04-08 01:06:59 | Deep Dive |
| CVE-2026-32283 | Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS in crypto/tls | Go standard library | crypto/tls | - | - | 2026-04-08 01:06:58 | Deep Dive |
| CVE-2026-32281 | Inefficient policy validation in crypto/x509 | Go standard library | crypto/x509 | - | - | 2026-04-08 01:06:58 | Deep Dive |
| CVE-2026-33810 | Case-sensitive excludedSubtrees name constraints cause Auth Bypass in crypto/x509 | Go standard library | crypto/x509 | - | - | 2026-04-08 01:06:57 | Deep Dive |
| CVE-2026-32288 | Unbounded allocation for old GNU sparse in archive/tar | Go standard library | archive/tar | - | - | 2026-04-08 01:06:57 | Deep Dive |
| CVE-2026-32289 | JsBraceDepth Context Tracking Bugs (XSS) in html/template | Go standard library | html/template | - | - | 2026-04-08 01:06:56 | Deep Dive |
| CVE-2026-32282 | TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix | Go standard library | internal/syscall/unix | - | - | 2026-04-08 01:06:56 | Deep Dive |
| CVE-2026-27142 | URLs in meta content attribute actions are not escaped in html/template | Go standard library | html/template | 中危 | - | 2026-03-06 21:28:15 | Deep Dive |
| CVE-2026-27137 | Incorrect enforcement of email constraints in crypto/x509 | Go standard library | crypto/x509 | 高危 | - | 2026-03-06 21:28:14 | Deep Dive |
| CVE-2026-25679 | Incorrect parsing of IPv6 host literals in net/url | Go standard library | net/url | 高危 | - | 2026-03-06 21:28:14 | Deep Dive |
| CVE-2026-27138 | Panic in name constraint checking for malformed certificates in crypto/x509 | Go standard library | crypto/x509 | 高危 | - | 2026-03-06 21:28:14 | Deep Dive |
| CVE-2026-27139 | FileInfo can escape from a Root in os | Go standard library | os | 中危 | - | 2026-03-06 21:28:14 | Deep Dive |
| CVE-2025-68121 | Unexpected session resumption in crypto/tls | Go standard library | crypto/tls | - | - | 2026-02-05 17:48:44 | Deep Dive |
| CVE-2025-22873 | Improper access to parent directory of root in os | Go standard library | os | - | - | 2026-02-04 23:05:25 | Deep Dive |
| CVE-2025-61730 | Handshake messages may be processed at the incorrect encryption level in crypto/tls | Go standard library | crypto/tls | - | - | 2026-01-28 19:30:31 | Deep Dive |
| CVE-2025-61728 | Excessive CPU consumption when building archive index in archive/zip | Go standard library | archive/zip | - | - | 2026-01-28 19:30:31 | Deep Dive |
| CVE-2025-61726 | Memory exhaustion in query parameter parsing in net/url | Go standard library | net/url | - | - | 2026-01-28 19:30:31 | Deep Dive |
| CVE-2025-61727 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 | Go standard library | crypto/x509 | - | - | 2025-12-03 19:37:15 | Deep Dive |
| CVE-2025-61729 | Excessive resource consumption when printing error string for host certificate validation in crypto/x509 | Go standard library | crypto/x509 | - | - | 2025-12-02 18:54:10 | Deep Dive |
| CVE-2025-61724 | Excessive CPU consumption in Reader.ReadResponse in net/textproto | Go standard library | net/textproto | - | - | 2025-10-29 22:10:15 | Deep Dive |