CVE-2026-25680 | THREATINT

Description

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.

PUBLISHED Reserved 2026-02-05 | Published 2026-05-22 | Updated 2026-05-22 | Assigner Go

Problem types

CWE-407: Inefficient Algorithmic Complexity

Product status

Default status

unaffected

Any version before 0.55.0

affected

Credits

IPC Labs

References

go.dev/cl/781702

go.dev/issue/79573

groups.google.com/g/golang-announce/c/iI-mYSI0lu8

pkg.go.dev/vuln/GO-2026-5028

cve.org (CVE-2026-25680)

nvd.nist.gov (CVE-2026-25680)

Download JSON

help @ threatint.eu