The German Federal Office for Information Security (BSI) has issued a security warning for Golang Go, highlighting multiple vulnerabilities that could allow attackers to compromise systems. Affected operating systems include Linux, UNIX, and Windows, along with products like SUSE openSUSE and Golang Go itself.
The vulnerabilities, assigned the CVE IDs CVE-2025-22866 and CVE-2025-22867, are rated as "high" severity with a CVSS Base Score of 8.3. A local attacker could exploit these flaws to disclose information or execute code.
The BSI recommends users to update their systems and products to the latest versions, which include security patches for these vulnerabilities. Further information on bug reports, security fixes, and workarounds can be found on the openSUSE and Golang websites.