ГлавнаяУязвимости → CVE-2026-27137
7.5высокая

CVE-2026-27137

→ есть в БДУ: BDU:2026-04124 (на русском)
Описание (на английском; русское — в БДУ выше)

When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.

Затрагиваемое ПО
Golang Go
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://go.dev/cl/752182https://go.dev/issue/77952https://groups.google.com/g/golang-announce/c/EdhZqrQ98hkhttps://pkg.go.dev/vuln/GO-2026-4599https://access.redhat.com/errata/RHSA-2026:10125https://access.redhat.com/errata/RHSA-2026:10158https://access.redhat.com/errata/RHSA-2026:10169https://access.redhat.com/errata/RHSA-2026:10175