VULNRABLE / Vulnerability / CVE-2025-47914

CVE-2025-47914

MEDIUM LOW golang.org/x/crypto OSV

Exploit verdict: No active-exploit signal

CVSS Score
6
Severity
MEDIUM
EPSS
0%
Source
OSV

Summary

golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read

What this means

CVE-2025-47914 is a medium-severity vulnerability affecting golang.org/x/crypto, rated CVSS 6. The EPSS model estimates a 0% probability of exploitation in the next 30 days. Published November 20, 2025.

View full advisory at OSV →