RHSA-2026:19181HighCVSS 7.5

Red Hat Security Advisory: golang security update

Published
May 19, 2026
Last Modified
July 16, 2026

🔗 CVE IDs covered (3)

📋 Description

CVE-2026-25679 — net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-27137 — crypto/x509: Incorrect enforcement of email constraints in crypto/x509 CVE-2026-32289 — html/template: golang: html/template: Cross-Site Scripting (XSS) via improper context and brace depth tracking in JS template literals

🔗 References (6)