Is there a public PoC exploit available for CVE-2025-58183?

Yes, a public proof-of-concept exploit is available for CVE-2025-58183. Prioritise patching immediately. EPSS: 0.0%.

Is there a patch available for CVE-2025-58183?

Yes, a patch is available for CVE-2025-58183. Update the affected software to the latest version immediately.

Alpine Linux Go CVE-2025-58183

MEDIUM

N/A vendor:alpine

Information Disclosure

Lifecycle Timeline

Analysis Generated

May 27, 2026 - 22:52 vuln.today

DescriptionCVE.org

Alpine Linux: go fixed in 1.25.2-r0

AnalysisAI

Go language runtime/toolchain in Alpine Linux was patched in package version 1.25.2-r0, addressing an unspecified vulnerability. The upstream nature, affected component, and exploitability details are not disclosed in available data - only the Alpine vendor advisory confirming the fix is present. EPSS is very low at 0.02% (6th percentile), and no active exploitation has been identified.

Technical ContextAI

Alpine Linux distributes the Go programming language as the 'go' package. Alpine package versioning uses the format '<upstream_version>-r<alpine_revision>', so '1.25.2-r0' indicates Go upstream version 1.25.2, first Alpine package revision. The vulnerability could reside in the Go standard library, compiler, runtime, toolchain, or any component bundled in the Go distribution. Without a CWE classification or detailed description, the root cause class cannot be determined. No CPE string was provided, but the affected component is the Alpine Linux 'go' package at versions prior to 1.25.2-r0.

Affected ProductsAI

The affected product is the 'go' package in Alpine Linux at versions prior to 1.25.2-r0. No CPE string was provided in the available data. The exact Alpine Linux branch (e.g., edge, v3.x) affected is not specified in the advisory. No vendor advisory URL beyond the Alpine package changelog was included in the intelligence data. Administrators should verify affected Alpine versions via the Alpine Linux security tracker.

RemediationAI

Upgrade the Alpine Linux 'go' package to version 1.25.2-r0 or later using the standard Alpine package manager: 'apk upgrade go'. This is the vendor-confirmed fixed version per the Alpine advisory. No specific workarounds are documented in the available data, as the vulnerability details are not disclosed. If immediate upgrade is not possible, consider restricting access to systems or services that depend on the Go toolchain or runtime until the patch can be applied. No advisory URL was provided in the source data; consult the Alpine Linux security tracker or package changelog for additional context.

CVE-2025-58183 vulnerability details – vuln.today

Back