| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-58185 | Parsing DER payload can cause memory exhaustion in encoding/asn1 | Go standard library | encoding/asn1 | - | - | 2025-10-29 22:10:14 | Deep Dive |
| CVE-2025-58183 | Unbounded allocation when parsing GNU sparse map in archive/tar | Go standard library | archive/tar | - | - | 2025-10-29 22:10:14 | Deep Dive |
| CVE-2025-58186 | Lack of limit when parsing cookies can cause memory exhaustion in net/http | Go standard library | net/http | - | - | 2025-10-29 22:10:14 | Deep Dive |
| CVE-2025-58188 | Panic when validating certificates with DSA public keys in crypto/x509 | Go standard library | crypto/x509 | - | - | 2025-10-29 22:10:14 | Deep Dive |
| CVE-2025-58187 | Quadratic complexity when checking name constraints in crypto/x509 | Go standard library | crypto/x509 | - | - | 2025-10-29 22:10:13 | Deep Dive |
| CVE-2025-58189 | ALPN negotiation error contains attacker controlled information in crypto/tls | Go standard library | crypto/tls | - | - | 2025-10-29 22:10:13 | Deep Dive |
| CVE-2025-61723 | Quadratic complexity when parsing some invalid inputs in encoding/pem | Go standard library | encoding/pem | - | - | 2025-10-29 22:10:13 | Deep Dive |
| CVE-2025-47912 | Insufficient validation of bracketed IPv6 hostnames in net/url | Go standard library | net/url | - | - | 2025-10-29 22:10:13 | Deep Dive |
| CVE-2025-61725 | Excessive CPU consumption in ParseAddress in net/mail | Go standard library | net/mail | - | - | 2025-10-29 22:10:12 | Deep Dive |
| CVE-2025-47910 | CrossOriginProtection insecure bypass patterns not limited to exact matches in net/http | Go standard library | net/http | - | - | 2025-09-22 21:01:55 | Deep Dive |
| CVE-2025-47906 | Unexpected paths returned from LookPath in os/exec | Go standard library | os/exec | - | - | 2025-09-18 18:41:12 | Deep Dive |
| CVE-2025-30033 | Siemens多款产品 代码问题漏洞 | Siemens | Automation License Manager V6.0 | High | 7.8 | 2025-08-12 11:16:57 | Deep Dive |
| CVE-2025-47907 | Incorrect results returned from Rows.Scan in database/sql | Go standard library | database/sql | - | - | 2025-08-07 15:25:31 | Deep Dive |
| CVE-2024-8244 | Walk/WalkDir in path/filepath susceptible to symlink race | Go standard library | path/filepath | 中危 | - | 2025-08-06 15:32:27 | Deep Dive |
| CVE-2025-0913 | Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall | Go standard library | syscall | - | - | 2025-06-11 17:17:26 | Deep Dive |
| CVE-2025-4673 | Sensitive headers not cleared on cross-origin redirect in net/http | Go standard library | net/http | - | - | 2025-06-11 16:42:53 | Deep Dive |
| CVE-2025-22874 | Usage of ExtKeyUsageAny disables policy validation in crypto/x509 | Go standard library | crypto/x509 | - | - | 2025-06-11 16:42:53 | Deep Dive |
| CVE-2025-22871 | Request smuggling due to acceptance of invalid chunked data in net/http | Go standard library | net/http/internal | - | - | 2025-04-08 20:04:35 | Deep Dive |
| CVE-2025-22870 | HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net | Go standard library | net/http | 中危 | - | 2025-03-12 18:27:59 | Deep Dive |
| CVE-2025-22866 | Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec | Go standard library | crypto/internal/nistec | 低危 | - | 2025-02-06 16:54:10 | Deep Dive |