CVE-2026-39820 | net-mail up to 1.25.9/1.26.2 on Go algorithmic complexity

May 7, 2026 Yanac

A vulnerability marked as problematic has been reported in net-mail up to 1.25.9/1.26.2 on Go. This impacts an unknown function. Performing a manipulation results in inefficient algorithmic complexity.

This vulnerability was named CVE-2026-39820. The attack may be initiated remotely. There is no available exploit.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More

CVE-2026-39836 | net up to 1.25.9/1.26.2 on Go Dial/LookupPort uncaught exception
CVE-2026-33814 | http2-net-http up to 0.52.x on Go SETTINGS_MAX_FRAME_SIZE infinite loop