CVE-2026-42507

ADVISORY - nist

Summary

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged.

EPSS Score⁠: 0.00018 (0.048)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-noinfo⁠

Impacted images

Advisories

GoLang

CREATED

2 days ago

UPDATED

2 days ago

ADVISORY IDGO-2026-5039⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
stdlib	golang	-	-	<1.25.11	1.25.11
stdlib	golang	-	-	>=1.26.0-0,<1.26.4	1.26.4

Severity and metrics

No CVSS data available from this advisory.

NIST

CREATED

2 days ago

UPDATED

1 day ago

ADVISORY IDCVE-2026-42507⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-noinfo⁠

CVSS SCORE

5.3medium

Debian

CREATED

1 day ago

UPDATED

16 hours ago

ADVISORY IDCVE-2026-42507⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

1 day ago

UPDATED

16 hours ago

ADVISORY IDCVE-2026-42507⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Amedium