Svi
Pretraži prema proizvođaču
Pretraži prema CWE oznaci
O usluzi
Pretplate
Jezik
hr
en
CVE-2026-27140 - CERT CVE
CVE-2026-27140
ID
CVE-2026-27140
Sažetak
SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.
Reference
https://go.dev/cl/763768
https://go.dev/issue/78335
https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU
https://pkg.go.dev/vuln/GO-2026-4871
https://access.redhat.com/errata/RHSA-2026:10217
https://access.redhat.com/errata/RHSA-2026:10219
https://access.redhat.com/errata/RHSA-2026:10704
https://access.redhat.com/errata/RHSA-2026:16021
https://access.redhat.com/errata/RHSA-2026:16024
https://access.redhat.com/errata/RHSA-2026:16494
https://access.redhat.com/errata/RHSA-2026:16497
https://access.redhat.com/errata/RHSA-2026:16498
https://access.redhat.com/errata/RHSA-2026:16694
https://access.redhat.com/errata/RHSA-2026:16697
https://access.redhat.com/errata/RHSA-2026:16698
https://access.redhat.com/errata/RHSA-2026:23246
https://access.redhat.com/errata/RHSA-2026:25182
https://access.redhat.com/errata/RHSA-2026:34099
https://access.redhat.com/security/cve/CVE-2026-27140
https://bugzilla.redhat.com/show_bug.cgi?id=2456341
https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-27140.json
CVSS
Base:
8.8
Impact:
5.9
Exploitability:
2.8
Pristup
Vektor
Složenost
Autentikacija
NETWORK
LOW
NONE
Impact
Povjerljivost
Cjelovitost
Dostupnost
HIGH
HIGH
HIGH
CVSS vektor
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Zadnje važnije ažuriranje
09-07-2026 - 13:16
Objavljeno
08-04-2026 - 02:16