PT-2026-2481 · Google+2 · Go+2

Jakub Ciolek

·

Published

2025-01-01

·

Updated

2026-05-21

·

CVE-2025-61728

CVSS v3.1

9.8

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Go versions prior to 1.24.12 Go versions prior to 1.25.6
Description The Go programming language contains a flaw in the archive/zip functionality that can lead to denial-of-service. Specifically, crafted ZIP files can trigger super-linear processing and excessive consumption of memory and CPU resources when opened, potentially causing a disruption of service. This issue affects backend services and build pipelines that automatically parse ZIP content.
Recommendations Update to Go version 1.24.12 or later. Update to Go version 1.25.6 or later.

Exploit

Fix

DoS

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

ALSA-2026:2706
ALSA-2026:2708
ALSA-2026:2709
ALSA-2026:2914
ALSA-2026:2920
ALSA-2026:3188
ALSA-2026:3336
ALSA-2026:3337
ALSA-2026:3752
ALSA-2026:3753
ALSA-2026:4672
AZL-75707
AZL-75719
AZL-78929
BDU:2026-03410
BIT-GOLANG-2025-61728
CLEANSTART-2026-AC01087
CLEANSTART-2026-AC65885
CLEANSTART-2026-AE87452
CLEANSTART-2026-AH29678
CLEANSTART-2026-AN32474
CLEANSTART-2026-BB17877
CLEANSTART-2026-BB70412
CLEANSTART-2026-BB83999
CLEANSTART-2026-BG69533
CLEANSTART-2026-BK44511
CLEANSTART-2026-BM53321
CLEANSTART-2026-BR79647
CLEANSTART-2026-BS27946
CLEANSTART-2026-CB01846
CLEANSTART-2026-CC08450
CLEANSTART-2026-CD91667
CLEANSTART-2026-CH40794
CLEANSTART-2026-CH77232
CLEANSTART-2026-CI59834
CLEANSTART-2026-CL65461
CLEANSTART-2026-CN84623
CLEANSTART-2026-CR55131
CLEANSTART-2026-CU52059
CLEANSTART-2026-DB61851
CLEANSTART-2026-DF22934
CLEANSTART-2026-DG06447
CLEANSTART-2026-DO09088
CLEANSTART-2026-DO31246
CLEANSTART-2026-DP35743
CLEANSTART-2026-EL10860
CLEANSTART-2026-FB07695
CLEANSTART-2026-FH54780
CLEANSTART-2026-FJ01373
CLEANSTART-2026-FN44356
CLEANSTART-2026-FU47971
CLEANSTART-2026-FX51482
CLEANSTART-2026-GB36430
CLEANSTART-2026-GE08280
CLEANSTART-2026-GI67088
CLEANSTART-2026-GM63718
CLEANSTART-2026-GM81143
CLEANSTART-2026-GR41888
CLEANSTART-2026-GU95761
CLEANSTART-2026-GY48351
CLEANSTART-2026-GZ35045
CLEANSTART-2026-GZ72045
CLEANSTART-2026-HA09227
CLEANSTART-2026-HB06257
CLEANSTART-2026-HF07497
CLEANSTART-2026-HJ72983
CLEANSTART-2026-HM31566
CLEANSTART-2026-HO21235
CLEANSTART-2026-HQ78610
CLEANSTART-2026-HU33730
CLEANSTART-2026-HX94762
CLEANSTART-2026-IW23933
CLEANSTART-2026-JB52011
CLEANSTART-2026-JJ84567
CLEANSTART-2026-JK38734
CLEANSTART-2026-JK84667
CLEANSTART-2026-JM96857
CLEANSTART-2026-JT73156
CLEANSTART-2026-JV26120
CLEANSTART-2026-KA21986
CLEANSTART-2026-KC83705
CLEANSTART-2026-KW35511
CLEANSTART-2026-KY75084
CLEANSTART-2026-LC01167
CLEANSTART-2026-LG79681
CLEANSTART-2026-LI04631
CLEANSTART-2026-LN66182
CLEANSTART-2026-LS00044
CLEANSTART-2026-LS12576
CLEANSTART-2026-LZ60917
CLEANSTART-2026-MF20926
CLEANSTART-2026-MI26424
CLEANSTART-2026-ML42911
CLEANSTART-2026-MQ21261
CLEANSTART-2026-MV81821
CLEANSTART-2026-MX15076
CLEANSTART-2026-NB55984
CLEANSTART-2026-NB78893
CLEANSTART-2026-NG75665
CLEANSTART-2026-NT10973
CLEANSTART-2026-NV78596
CLEANSTART-2026-NX54250
CLEANSTART-2026-OD56729
CLEANSTART-2026-OH43332
CLEANSTART-2026-OJ21550
CLEANSTART-2026-OL17158
CLEANSTART-2026-OL32822
CLEANSTART-2026-PK19530
CLEANSTART-2026-PP64690
CLEANSTART-2026-PS51260
CLEANSTART-2026-PV93827
CLEANSTART-2026-PV98664
CLEANSTART-2026-PW57640
CLEANSTART-2026-QA19540
CLEANSTART-2026-QO20135
CLEANSTART-2026-QO30809
CLEANSTART-2026-QR52625
CLEANSTART-2026-QU88766
CLEANSTART-2026-QV50101
CLEANSTART-2026-RA52239
CLEANSTART-2026-RD09851
CLEANSTART-2026-RM01950
CLEANSTART-2026-RR25843
CLEANSTART-2026-RX06063
CLEANSTART-2026-SE34232
CLEANSTART-2026-SF37618
CLEANSTART-2026-SQ18258
CLEANSTART-2026-SQ24713
CLEANSTART-2026-ST75560
CLEANSTART-2026-SU44499
CLEANSTART-2026-SV08737
CLEANSTART-2026-TC31671
CLEANSTART-2026-TD06078
CLEANSTART-2026-TF98824
CLEANSTART-2026-TH33219
CLEANSTART-2026-TI57220
CLEANSTART-2026-TL66481
CLEANSTART-2026-TO88856
CLEANSTART-2026-TZ10716
CLEANSTART-2026-TZ92532
CLEANSTART-2026-UF78567
CLEANSTART-2026-UG20989
CLEANSTART-2026-UG89030
CLEANSTART-2026-UI21589
CLEANSTART-2026-UK11127
CLEANSTART-2026-UM45661
CLEANSTART-2026-UO45926
CLEANSTART-2026-UQ00642
CLEANSTART-2026-UQ68343
CLEANSTART-2026-UW03847
CLEANSTART-2026-VI68146
CLEANSTART-2026-VN02574
CLEANSTART-2026-VU08393
CLEANSTART-2026-VU90450
CLEANSTART-2026-VX40916
CLEANSTART-2026-VZ35122
CLEANSTART-2026-VZ76006
CLEANSTART-2026-WA84208
CLEANSTART-2026-WI71304
CLEANSTART-2026-WK32717
CLEANSTART-2026-WL14185
CLEANSTART-2026-WN01990
CLEANSTART-2026-WO87803
CVE-2025-61728
ECHO-DCEE-75BC-CD88
GO-2026-4342
MGASA-2026-0035
OESA-2026-1698
OESA-2026-1699
OESA-2026-1701
OESA-2026-1702
OESA-2026-1703
OPENSUSE-SU-2026:10063-1
OPENSUSE-SU-2026:10064-1
OPENSUSE-SU-2026:10101-1
OPENSUSE-SU-2026:10329-1
OPENSUSE-SU-2026:20077-1
OPENSUSE-SU-2026:20085-1
OPENSUSE-SU-2026:20301-1
OPENSUSE-SU-2026:20308-1
OPENSUSE-SU-2026:20619-1
RHSA-2026:12028
RHSA-2026:17040
RHSA-2026:22450
RHSA-2026:22714
RHSA-2026:2706
RHSA-2026:2708
RHSA-2026:2709
RHSA-2026:2914
RHSA-2026:2920
RHSA-2026:3188
RHSA-2026:3192
RHSA-2026:3193
RHSA-2026:3336
RHSA-2026:3337
RHSA-2026:3469
RHSA-2026:3471
RHSA-2026:3472
RHSA-2026:3473
RHSA-2026:3489
RHSA-2026:3752
RHSA-2026:3753
RHSA-2026:3831
RHSA-2026:3833
RHSA-2026:3835
RHSA-2026:3836
RHSA-2026:3838
RHSA-2026:3851
RHSA-2026:3854
RHSA-2026:3880
RHSA-2026:4672
RHSA-2026:7291
RHSA-2026:7385
RHSA-2026:7854
SUSE-SU-2026:0218-1
SUSE-SU-2026:0219-1
SUSE-SU-2026:0296-1
SUSE-SU-2026:0297-1
SUSE-SU-2026:0298-1
SUSE-SU-2026:0308-1
SUSE-SU-2026:0354-1
SUSE-SU-2026:20122-1
SUSE-SU-2026:20132-1
SUSE-SU-2026:20623-1
SUSE-SU-2026:20629-1

Affected Products

Go
Red Os
Rocky Linux