Unrated severityNVD Advisory· Published May 22, 2026· Updated May 22, 2026
Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
CVE-2026-25680
Description
Parsing arbitrary HTML can consume excessive CPU time, possibly leading to denial of service.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.