What is the CVSS score of CVE-2026-42499?

CVE-2026-42499 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. EPSS exploitation probability: 0.0%.

Is there a public PoC exploit available for CVE-2026-42499?

Yes, a public proof-of-concept exploit is available for CVE-2026-42499. Prioritise patching immediately. EPSS: 0.0%.

Is there a patch available for CVE-2026-42499?

Yes, a patch is available for CVE-2026-42499. Update the affected software to the latest version immediately.

CVE-2026-42499

EUVD-2026-28432 HIGH

2026-05-07 Go

GHSA-xq5j-9r39-c3vf

Information Disclosure

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Lifecycle Timeline

CVSS changed

May 08, 2026 - 22:22 NVD

7.5 (HIGH)

Patch available

May 07, 2026 - 21:02 EUVD

CVE Published

May 07, 2026 - 19:41 nvd

HIGH 7.5

CVE Published

May 07, 2026 - 19:41 nvd

UNKNOWN (no severity yet)

DescriptionNVD

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

Analysis

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Vendor StatusVendor

CVE-2026-42499 vulnerability details – vuln.today

Back

CVE-2026-42499

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Full analysis requires sign-in

Vendor StatusVendor

Share

External POC / Exploit Code