This page collects WhisperX intelligence signals tagged #Go Security. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical memory exhaustion vulnerability in the widely used `moby/spdystream` library has been patched, forcing a mandatory update for any service relying on SPDY/3 communication. The flaw, tracked as CVE-2026-35469, resides in the library's frame parser, which fails to validate attacker-controlled counts and lengths...
A critical security flaw in the widely used `moby/spdystream` library exposes services to remote memory exhaustion attacks. The vulnerability, tracked as CVE-2026-35469, resides in the SPDY/3 frame parser, which fails to validate attacker-controlled counts and lengths before allocating memory. This allows a remote peer...
A critical memory exhaustion vulnerability in the widely used `moby/spdystream` library has been patched, forcing a mandatory security update for countless dependent projects. The flaw, tracked as CVE-2026-35469, resides in the SPDY/3 frame parser, which fails to validate attacker-controlled counts and lengths before a...
A critical security vulnerability has been identified in golang.org/x/net, the widely-used Go standard library module, triggering an urgent dependency update across the ecosystem. The flaw, tracked as CVE-2026-33814 (GO-2026-4918), resides in the HTTP/2 transport implementation within net/http/internal/http2 and can ca...