CVE-2026-33811 | net up to 1.25.9/1.26.2 on Go cgo DNS Resolver LookupCNAME double free

A vulnerability identified as problematic has been detected in net up to 1.25.9/1.26.2 on Go. The impacted element is the function LookupCNAME of the component cgo DNS Resolver. This manipulation causes double free.

This vulnerability is handled as CVE-2026-33811. The attack can be initiated remotely. There is not any exploit available.

You should upgrade the affected component.VulDB Recent EntriesRead More