A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-61732.json
https://pkg.go.dev/vuln/GO-2026-4433
https://groups.google.com/g/golang-announce/c/K09ubi9FQFk
https://bugzilla.redhat.com/show_bug.cgi?id=2437016
https://access.redhat.com/security/cve/CVE-2025-61732
https://access.redhat.com/errata/RHSA-2026:8448
https://access.redhat.com/errata/RHSA-2026:7385
https://access.redhat.com/errata/RHSA-2026:7291
https://access.redhat.com/errata/RHSA-2026:5952
https://access.redhat.com/errata/RHSA-2026:5950
https://access.redhat.com/errata/RHSA-2026:5948
https://access.redhat.com/errata/RHSA-2026:5878
https://access.redhat.com/errata/RHSA-2026:4434
https://access.redhat.com/errata/RHSA-2026:3855
https://access.redhat.com/errata/RHSA-2026:3559
https://access.redhat.com/errata/RHSA-2026:3556
https://access.redhat.com/errata/RHSA-2026:3489
https://access.redhat.com/errata/RHSA-2026:3473
https://access.redhat.com/errata/RHSA-2026:3472
https://access.redhat.com/errata/RHSA-2026:3471
https://access.redhat.com/errata/RHSA-2026:3470
https://access.redhat.com/errata/RHSA-2026:3469
https://access.redhat.com/errata/RHSA-2026:3468
https://access.redhat.com/errata/RHSA-2026:3193
https://access.redhat.com/errata/RHSA-2026:3192
https://access.redhat.com/errata/RHSA-2026:2844
https://access.redhat.com/errata/RHSA-2026:2709
https://access.redhat.com/errata/RHSA-2026:2708
https://access.redhat.com/errata/RHSA-2026:2706
https://access.redhat.com/errata/RHSA-2026:21691
https://access.redhat.com/errata/RHSA-2026:17598
https://access.redhat.com/errata/RHSA-2026:15091
https://access.redhat.com/errata/RHSA-2026:14774
https://access.redhat.com/errata/RHSA-2026:14100