There are several CVEs that are present in the current project's Go version (v1.25.8) in Go's standard library.
Updating to v1.25.9 fixes these:
NAME INSTALLED FIXED IN TYPE VULNERABILITY SEVERITY EPSS % RISK
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-27143 Critical 4.62 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-32281 High 4.66 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-32280 High 4.42 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-32283 High 4.27 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-27140 High 2.74 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-32289 Medium 1.21 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-32282 Medium 0.81 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-27144 High 0.31 < 0.1
stdlib go1.25.8 1.25.9, 1.26.2 go-module CVE-2026-32288 Medium 0.18 < 0.1
There are several CVEs that are present in the current project's Go version (
v1.25.8) in Go's standard library.Updating to
v1.25.9fixes these: