PT-2026-31058 · Swig+2 · Swig+2

Juho Forsén

Published

2026-04-07

Updated

2026-05-09

CVE-2026-27140

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SWIG (affected versions not specified)

Description SWIG file names containing 'cgo' and well-crafted payloads could lead to code smuggling and arbitrary code execution at build time due to trust layer bypass.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

BDU:2026-07248

BIT-GOLANG-2026-27140

CVE-2026-27140

GO-2026-4871

OESA-2026-2247

OESA-2026-2248

OESA-2026-2249

OESA-2026-2250

OESA-2026-2251

OPENSUSE-SU-2026:10514-1

OPENSUSE-SU-2026:10525-1

OPENSUSE-SU-2026:10673-1

OPENSUSE-SU-2026:20570-1

OPENSUSE-SU-2026:20571-1

RHSA-2026:10217

RHSA-2026:10219

RHSA-2026:10704

RHSA-2026:16021

RHSA-2026:16024

RHSA-2026:16494

RHSA-2026:16497

RHSA-2026:16498

RHSA-2026:16694

RHSA-2026:16697

RHSA-2026:16698

SUSE-SU-2026:1320-1

SUSE-SU-2026:1321-1

SUSE-SU-2026:1580-1

SUSE-SU-2026:1581-1

Affected Products

Red Os

Rocky Linux

Swig

PT-2026-31058 · Swig+2 · Swig+2

CVE-2026-27140

Weakness Enumeration

Related Identifiers

Affected Products

References · 76