CVE-2026-32283

ADVISORY - nist

Summary

If one side of the TLS connection sends multiple key update messages post-handshake in a single record, the connection can deadlock, causing uncontrolled consumption of resources. This can lead to a denial of service. This only affects TLS 1.3.

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo⁠

Impacted images

Advisories

GoLang

CREATED

7 hours ago

UPDATED

7 hours ago

ADVISORY IDGO-2026-4870⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
stdlib	golang	-	-	>=1.26.0-0,<1.26.2	1.26.2
stdlib	golang	-	-	<1.25.9	1.25.9

Severity and metrics

No CVSS data available from this advisory.

NIST