Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

golang.org/x/net/idna

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found

CVE-2026-39821
Assigner-Go Project
ShareView Details
Assigner-Go Project
CVSS Score-9.6||CRITICAL
EPSS-0.48% / 38.18%
||
7 Day CHG~0.00%
Published-22 May, 2026 | 15:01
Updated-17 Jul, 2026 | 13:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Invoking failure to reject ASCII-only Punycode-encoded labels in golang.org/x/net/idna

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a program which performs privilege checks on the ASCII hostname may reject "example.com" but permit "xn--example-.com". If that program subsequently converts the ASCII hostname to Unicode, it will inadvertently permits access to the Unicode name "example.com".

Action-Not Available
Vendor-golang.org/x/netRed Hat, Inc.Go
Product-netgolang.org/x/net/idnaZero Trust Workload Identity Manager - Tech PreviewMachine Deletion Remediation OperatorRed Hat Connectivity Link 1Multiarch Tuning OperatorRed Hat Developer HubRed Hat Enterprise Linux AI 3.4Red Hat Quay 3.16Multicluster Engine for KubernetesRed Hat OpenShift Service Mesh 3.3Deployment Validation OperatorZero Trust Workload Identity ManagerRed Hat OpenShift Service Mesh 3.2Logging Subsystem for Red Hat OpenShift 6.4Red Hat Openshift Data Foundation 4.22Red Hat Web TerminalRed Hat OpenShift Service Mesh 2.6Red Hat OpenShift Container Platform 4.22streams for Apache Kafka 3Red Hat OpenShift Builds 1.8.1Red Hat 3scale API Management Platform 2DevWorkspace Operator 0.42Red Hat Quay 3.10External Secrets Operator for Red Hat OpenShiftRed Hat OpenShift on AWScert-manager Operator for Red Hat OpenShiftNetwork Observability Operatormulticluster engine for Kubernetes 2.9Red Hat OpenShift Cluster Manager CLIRHEM 1.1 for RHEL 9Red Hat Enterprise Linux 7Red Hat OpenStack Platform 18.0Red Hat OpenShift Service Mesh 3.1Red Hat Advanced Cluster Security for Kubernetes 4.10Gatekeeper 3Red Hat Advanced Cluster Management for Kubernetes 2.13Migration Toolkit for ContainersRed Hat Advanced Cluster Security for Kubernetes 4.11Red Hat Enterprise Linux 10Red Hat Advanced Cluster Management for Kubernetes 2Node HealthCheck OperatorRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8Red Hat Ansible Automation Platform 2Red Hat OpenShift GitOps 1.20OpenShift ServerlessCompliance OperatorRed Hat Ceph Storage 9Migration Toolkit for Applications 8OpenShift LightspeedRHEM 1.0 for RHEL 9Power monitoring for Red Hat OpenShiftRed Hat OpenShift Dev Spaces 3.29Red Hat Service Interconnect 2OpenShift Developer Tools and ServicesRed Hat OpenStack Platform 16.2Red Hat Advanced Cluster Security for Kubernetes 4.9Red Hat OpenShift Builds 1.7.4Red Hat Ceph Storage 5OpenShift API for Data ProtectionOpenShift PipelinesFile Integrity OperatorSecurity Profiles OperatorRed Hat Certification Program for Red Hat Enterprise Linux 9RHEM 1.1 for RHEL 10Red Hat Satellite 6Red Hat Ceph Storage 8Cluster Observability Operator 1.5.0Red Hat Edge Manager 1.1multicluster engine for Kubernetes 2.6Red Hat OpenShift AI (RHOAI)Confidential Compute Attestationmulticluster engine for Kubernetes 2.8Logical Volume Manager StorageFence Agents Remediation OperatorMulticluster Global Hub 1.4.5Red Hat Quay 3.9Red Hat Lightspeed for Runtimes OperatorRed Hat Trusted Artifact Signer 1.4Red Hat Enterprise Linux AI (RHEL AI) 3Red Hat Service Interconnect 1Red Hat OpenShift Service Mesh 3Cryostat 4Red Hat OpenShift Virtualization 4Red Hat OpenShift GitOps 1.19Red Hat OpenShift for Windows ContainersRed Hat OpenStack Platform 17.1Assisted Installer for Red Hat OpenShift Container Platform 2Red Hat Ceph Storage 6Red Hat Edge Manager 1.0Red Hat Hardened ImagesRed Hat OpenShift Container Platform 4
CWE ID-CWE-1289
Improper Validation of Unsafe Equivalence in Input