CVE-2026-42507

Vulnerability Description

When returning errors, functions in the net/textproto package would include its input as part of the error. This might allow an attacker to inject misleading content to errors that are printed or logged.

Vulnerability Details

Published Date

June 02, 2026

Last Modified

June 02, 2026

Source

NVD

Vendor

Go standard library

Product

net/textproto

External References

https://go.dev/cl/777060
https://go.dev/issue/79346
https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw
https://pkg.go.dev/vuln/GO-2026-5039

CVE-2026-42507

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment