1. Go html/template Fix for CVE-2026-27142 Contains New Bypass Vector, Assigned CVE-2026-39823
Security researchers have identified a critical bypass in the patch for CVE-2026-27142 affecting Go's html/template package. The original vulnerability, which addressed template injection risks, can be circumvented when trusted template authors construct templates containing whitespace characters positioned between the...