Back

SUSE Linux Go1.26 and Go1.25 Security Updates Address Critical DDoS Vulnerabilities

Severity: High (Score: 70.5)

Sources: Linuxsecurity

Summary

On May 14, 2026, SUSE released important security updates for Go1.26 and Go1.25 to address multiple vulnerabilities, including CVE-2026-33811 and CVE-2026-33814, both rated with a CVSS score of 7.5. These vulnerabilities could lead to denial-of-service conditions, including crashes and infinite loops in HTTP/2 transport. The updates also fix issues related to output path sanitization and XSS vulnerabilities in HTML templates. Affected systems include those running SUSE Linux versions utilizing Go1.26 and Go1.25. Administrators are urged to apply these updates promptly to mitigate potential exploitation. The vulnerabilities were published on May 7, 2026, and have been confirmed by SUSE's advisory. The updates are critical for maintaining system integrity and security. Key Points: • SUSE released updates for Go1.26 and Go1.25 addressing critical vulnerabilities. • Key vulnerabilities include CVE-2026-33811 and CVE-2026-33814, both with a CVSS score of 7.5. • Administrators are advised to apply updates immediately to prevent potential denial-of-service attacks.

Key Entities

  • DDoS (attack_type)
  • Denial of Service (attack_type)
  • XSS (vulnerability)
  • CVE-2026-33811 (cve)
  • CVE-2026-33814 (cve)
  • CVE-2026-39817 (cve)
  • CVE-2026-39819 (cve)
  • CVE-2026-39820 (cve)
  • Cwe-79 - Cross-site Scripting (xss) (cwe)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed