{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-03T22:29:56.132","vulnerabilities":[{"cve":{"id":"CVE-2026-27137","sourceIdentifier":"security@golang.org","published":"2026-03-06T22:16:00.850","lastModified":"2026-04-21T14:40:31.187","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered."},{"lang":"es","value":"Al verificar una cadena de certificados que contiene un certificado con múltiples restricciones de dirección de correo electrónico que comparten porciones locales comunes pero porciones de dominio diferentes, estas restricciones no se aplicarán correctamente, y solo la última restricción será considerada."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-295"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:golang:go:1.26.0:*:*:*:*:*:*:*","matchCriteriaId":"A40FE3CB-0D03-462B-8A19-4DF1920ABE82"}]}]}],"references":[{"url":"https://go.dev/cl/752182","source":"security@golang.org","tags":["Mailing List"]},{"url":"https://go.dev/issue/77952","source":"security@golang.org","tags":["Issue Tracking"]},{"url":"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk","source":"security@golang.org","tags":["Release Notes"]},{"url":"https://pkg.go.dev/vuln/GO-2026-4599","source":"security@golang.org","tags":["Vendor Advisory"]}]}}]}