Go
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in any Go product.
RSS Feeds for Go security vulnerabilities
Create a CVE RSS feed including security vulnerabilities found in Go products with stack.watch. Just hit watch, then grab your custom RSS feed url.
Products by Go Sorted by Most Security Vulnerabilities since 2018
By the Year
In 2026 there have been 0 vulnerabilities in Go. Last year, in 2025 Go had 2 security vulnerabilities published. Right now, Go is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 2 | 0.00 |
It may take a day or so for new Go vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Go Security Vulnerabilities
| CVE | Date | Vulnerability | Products |
|---|---|---|---|
| CVE-2025-22869 | Feb 26, 2025 |
OpenSSH File Transfer DoS via Slow Key ExchangeSSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. |
Ssh
|
| CVE-2025-22868 | Feb 26, 2025 |
Memory Exhaustion via Malformed Token in JWT ParserAn attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. |
Jws
|