Donate Telegram

CVE-2026-25679

NONE

Mar 06, 2026

Updated Mar 06, 2026

url

Parameter	Value
Vendor	url
Public PoC	No

url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.

References 4

https://go.dev/cl/752180

security@golang.org

https://go.dev/issue/77578

security@golang.org

https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk

security@golang.org

https://pkg.go.dev/vuln/GO-2026-4601

security@golang.org

Share Post Share Share Share

CVE Details

CVE ID

CVE-2026-25679

Published Date

Mar 06, 2026

Vendor

url

Severity

NONE

Impact

Minimal impact

Source

Editor's Choice