CVE-2026-32288
ADVISORY - nistSummary
tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format.
Common Weakness Enumeration (CWE)
ADVISORY - nist
GoLang
CREATED
UPDATED
ADVISORY IDGO-2026-4869
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
| Package | Type | OS Name | OS Version | Affected Ranges | Fix Versions |
|---|---|---|---|---|---|
| stdlib | golang | - | - | >=1.26.0-0,<1.26.2 | 1.26.2 |
| stdlib | golang | - | - | <1.25.9 | 1.25.9 |
Severity and metrics
No CVSS data available from this advisory.
NIST
CREATED
UPDATED
ADVISORY IDCVE-2026-32288
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)