golang.org/x/sys (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package golang.org/x/sys, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2022-29526 — CVSS 5.3 (medium): Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat…
CVE-2026-39824 — CVSS 3.3 (low): NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a…