Api.Msrc.Microsoft
Multiple CVEs Cause Panic in Go's Certificate Validation
First seen 18 Feb 2026, 12:23 UTC
•
•74% similarity
•46.1
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
Two vulnerabilities have been identified in Go's crypto/x509 package affecting TLS clients. CVE-2022-27536, published on April 20, 2022, allows a remote TLS server to cause a panic on macOS with malformed certificates. CVE-2025-58188, published on October 29, 2025, results in a panic when validating certificates with DSA public keys.
ThreatCluster AI
Timeline
2022-04-20
CVE-2022-27536 published
2025-10-29
CVE-2025-58188 published
2026-02-18
Both CVEs reported in articles