Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Go toolchain — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting Go toolchain. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Go toolchain:cmd/gocmd/compilecmd/cgo
CVE IDTitleCVSSSeverityPublished
CVE-2026-27140 Code execution vulnerability in SWIG code generation in cmd/go — cmd/go 7.8AIHighAI2026-04-08
CVE-2026-27143 Missing bound checks can lead to memory corruption in safe Go in cmd/compile — cmd/compile 8.4AIHighAI2026-04-08
CVE-2026-27144 Miscompilation allows memory corruption via CONVNOP-wrapped array copy in cmd/compile — cmd/compile 8.4AIHighAI2026-04-08
CVE-2025-61732 Potential code smuggling via doc comments in cmd/cgo — cmd/cgo 9.8AICriticalAI2026-02-05
CVE-2025-61731 Arbitrary file write using cgo pkg-config directive in cmd/go — cmd/go 5.5AIMediumAI2026-01-28
CVE-2025-68119 Unexpected code execution when invoking toolchain in cmd/go — cmd/go 9.8AICriticalAI2026-01-28
CVE-2025-4674 Unexpected command execution in untrusted VCS repositories in cmd/go — cmd/go 9.8AICriticalAI2025-07-29
CVE-2025-22867 Arbitrary code execution during build on darwin in cmd/go — cmd/go 9.8 -2025-02-06
CVE-2024-45340 GOAUTH credential leak in cmd/go — cmd/go 9.1 -2025-01-28
CVE-2023-24531 Output of "go env" does not sanitize values in cmd/go — cmd/go 9.8AICriticalAI2024-07-02
CVE-2024-24787 Arbitrary code execution during build on Darwin in cmd/go — cmd/go 8.8AIHighAI2024-05-08
CVE-2023-45285 Command 'go get' may unexpectedly fallback to insecure git in cmd/go — cmd/go 9.1 -2023-12-06
CVE-2023-39323 Arbitrary code execution during build via line directives in cmd/go — cmd/go 7.4 -2023-10-05
CVE-2023-39320 Arbitrary code execution via go.mod toolchain directive in cmd/go — cmd/go 9.8 -2023-09-08
CVE-2023-29405 Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go — cmd/go 9.8 -2023-06-08
CVE-2023-29404 Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go — cmd/go 9.8 -2023-06-08
CVE-2023-29402 Code injection via go command with cgo in cmd/go — cmd/go 8.4 -2023-06-08
CVE-2020-28366 Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo — cmd/go 8.0 -2020-11-18
CVE-2020-28367 Arbitrary code execution via the go command with cgo in cmd/go — cmd/go 8.8 -2020-11-18

This page lists every published CVE security advisory associated with Go toolchain. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.