CVE Watchtower β Back to CVE ListCVE-2026-42500NVDDescriptionDecoding a paletted BMP file with an out-of-range palette index results in a panic when accessing pixels in the invalid image.Severity LevelMEDIUM (5.3)Published Date29/05/2026Last Modified01/06/2026Exploitation Status????Referenceshttps://go.dev/cl/781500https://go.dev/issue/79576https://groups.google.com/g/golang-announce/c/uhYX90BlBvIhttps://pkg.go.dev/vuln/GO-2026-5031