CVE-2026-39824 – Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows

CVE ID :CVE-2026-39824

Published : May 22, 2026, 7:39 p.m. | 1 hour, 18 minutes ago

Description :NewNTUnicodeString does not check for string length overflow. When provided with a string that overflows the maximum size of a NTUnicodeString (a 16-bit number of bytes), it returns a truncated string rather than an error.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-40864 – JupyterHub: Cross-origin form POSTs bypass XSRF

CVE-2026-40610 – BentoML has Information Disclosure in `bentoml build` via symlink traversal in the build context

CVE-2026-40607 – MantisBT is Vulnerable to Stored XSS Through its Saved-Filter Owner Column

CVE-2026-40598 – MantisBT has Potential Referer-Based Reflected HTML Injection / XSS in Tag Update Page