VDB
DEBIAN-CVE-2026-27143
DEBIAN-CVE-2026-27143
PUBLISHED
CVSS 9.800000190734863 CRITICAL
Arithmetic over induction variables in loops were not correctly checked for underflow or overflow. As a result, the compiler would allow for invalid indexing to occur at runtime, potentially leading to memory corruption.
Risk Scores
CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | golang-1.15 | 1.15.15-5, 1.15.9-6, 1.15.15-2 |
| Debian:14 | golang-1.26 | 1.26.1-1, 1.26, 1.26 |
| Debian:12 | golang-1.19 | 1.19.8-2, 1.19.10-1, 1.19.12-1 |
| Debian:13 | golang-1.24 | 1.24.12-1, 1.24.13-1, 1.24.13-2 |
| Debian:14 | golang-1.25 | 0, 1.25.0-1, 1.25.0-2 |
Timeline
- Apr 8, 2026 CVE Published
- Apr 28, 2026 CVE Updated