Can the team please check to fix the vulnerability for crypto/tls (/usr/bin/grpc_health_probe) and crypto/x509, archive/tar, html/template, github.com/go-git/go-git/v5 (/usr/bin/opm). We ran twistlock scans and found these two. This vulnerability was observed for OPM version v1.65.0.
It is suggested that the vulnerability is fixed in GO version 1.25.9, 1.26.2
CVE details:
CVE-2026-32289
CVE-2026-32281
CVE-2026-32280
CVE-2026-32288
CVE-2026-25934
CVE-2026-33762
CVE-2026-34165
CVE-2026-39883
Another vulnerability for package github.com/go-jose/go-jose/v4 is fixed in version 4.1.4 with CVE CVE-2026-34986
Can the team please check to fix the vulnerability for crypto/tls (/usr/bin/grpc_health_probe) and crypto/x509, archive/tar, html/template, github.com/go-git/go-git/v5 (/usr/bin/opm). We ran twistlock scans and found these two. This vulnerability was observed for OPM version v1.65.0.
It is suggested that the vulnerability is fixed in GO version 1.25.9, 1.26.2
CVE details:
CVE-2026-32289
CVE-2026-32281
CVE-2026-32280
CVE-2026-32288
CVE-2026-25934
CVE-2026-33762
CVE-2026-34165
CVE-2026-39883
Another vulnerability for package github.com/go-jose/go-jose/v4 is fixed in version 4.1.4 with CVE CVE-2026-34986