CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil
Published May 10, 2026
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2026-39823 Bypass of meta content URL escaping causes XSS in html/template
Published May 10, 2026
Information published.
CVE-2026-39820 Quadratic string concatentation in consumeComment in net/mail
Published May 10, 2026
Information published.
CVE-2026-39819 Invoking "go bug" follows symlinks in predictable temporary filenames in cmd/go
Published May 10, 2026
Information published.
CVE-2026-39817 Invoking "go tool pack" does not sanitize output paths in cmd/go
Published May 10, 2026
Information published.
CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net
Published May 10, 2026
Information published.
CVE-2026-33811 Crash when handling long CNAME response in net
Published May 10, 2026
Information published.
CVE-2026-44656 Vim: OS Command Injection via 'path' completion
Published May 10, 2026
Information published.
CVE-2026-45130 Vim: Heap Buffer Overflow in spell file loading
Published May 10, 2026
Information published.
CVE-2026-6666 PgBouncer crash in kill_pool_logins_server_error
Published May 10, 2026
Information published.
