CVE-2025-47910 | net-http up to 1.25.0 on Go Request Path AddInsecureBypassPattern access control

A vulnerability was found in net-http up to 1.25.0 on Go. It has been rated as critical. This affects the function AddInsecureBypassPattern of the component Request Path Handler. This manipulation causes improper access controls.

This vulnerability is handled as CVE-2025-47910. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.VulDB Recent EntriesRead More