Launch Week Day 1: Announcing Security Design Review
Start for Free
UNKNOWN Go

Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html

GO-2026-5028 · CVE-2026-25680

Published · Modified

Description

Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.

References

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes