CVE-2026-27139

CVE-2026-27139

Name

CVE-2026-27139

Description

On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

References

Type	URI
security@golang.org	https://go.dev/cl/749480
security@golang.org	https://go.dev/issue/77827
security@golang.org	https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk
security@golang.org	https://pkg.go.dev/vuln/GO-2026-4602

Type

URI

security@golang.org

https://go.dev/cl/749480

security@golang.org

https://go.dev/issue/77827

security@golang.org

https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk

security@golang.org

https://pkg.go.dev/vuln/GO-2026-4602

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:golang:go::::::::`	go	>= None	< 1.25.8
`cpe:2.3:a:golang:go:1.26.0:::::::*`	go	== None	== 1.26.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*

>= None

< 1.25.8

cpe:2.3:a:golang:go:1.26.0:*:*:*:*:*:*:*

== None

== 1.26.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
go	edge-community	1.26.0-r1	Achill Gilgenast <achill@achill.org>	fixed
go	edge-community	1.26.0-r0	Achill Gilgenast <achill@achill.org>	fixed
go	edge-community	1.25.7-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.6-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.5-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.4-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.3-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.2-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.1-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.25.0-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.24.6-r1	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	edge-community	1.24.6-r0	fossdd <fossdd@pwned.life>	possibly vulnerable
go	edge-community	1.24.5-r1	fossdd <fossdd@pwned.life>	possibly vulnerable
go	edge-community	1.24.5-r0	fossdd <fossdd@pwned.life>	possibly vulnerable
go	edge-community	1.24.4-r0	fossdd <fossdd@pwned.life>	possibly vulnerable
go	edge-community	1.24.3-r1	None	possibly vulnerable
go	edge-community	1.24.3-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.24.2-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.24.2-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.24.1-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.24.1-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.24.0-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.23.6-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.23.5-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.23.4-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.23.3-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.23.2-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.23.1-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.6-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.5-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.4-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.4-r0	None	possibly vulnerable
go	edge-community	1.22.3-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.2-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.1-r2	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.1-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.1-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.0-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.22.0-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.6-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.5-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.4-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.3-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.3-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.2-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.1-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.0-r2	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.0-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.21.0-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.7-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.6-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.5-r2	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.5-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.5-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.4-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.3-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.2-r1	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.2-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20.1-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.20-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.19.5-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.19.4-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.19.3-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.19.2-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.19.1-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.18.5-r0	Sören Tempel <soeren+alpine@soeren-tempel.net>	possibly vulnerable
go	edge-community	1.18.4-r0	None	possibly vulnerable
go	edge-community	1.18.1-r0	None	possibly vulnerable
go	edge-community	1.17.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.17.7-r0	None	possibly vulnerable
go	edge-community	1.17.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.17.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.17.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.17.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.17-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.16.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.16.6-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.16.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.16.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
go	edge-community	1.16.2-r0	None	possibly vulnerable
go	edge-community	1.15.7-r0	None	possibly vulnerable
go	edge-community	1.15.5-r0	None	possibly vulnerable
go	edge-community	1.15.2-r0	None	possibly vulnerable
go	edge-community	1.15-r0	None	possibly vulnerable
go	edge-community	1.14.5-r0	None	possibly vulnerable
go	edge-community	1.13.7-r0	None	possibly vulnerable
go	edge-community	1.13.2-r0	None	possibly vulnerable
go	edge-community	1.13.1-r0	None	possibly vulnerable
go	edge-community	1.12.8-r0	None	possibly vulnerable
go	edge-community	1.11.5-r0	None	possibly vulnerable
go	edge-community	1.9.4-r0	None	possibly vulnerable
go	3.23-community	1.25.8-r0	Achill Gilgenast <achill@achill.org>	fixed
go	3.23-community	1.25.7-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	3.23-community	1.25.6-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable
go	3.23-community	1.25.5-r0	Achill Gilgenast <achill@achill.org>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages