Cyber Resilience

CVE-2025-68121

CriticalPublic PoC

Published: 05 February 2026

Published
05 February 2026
Modified
20 February 2026
KEV Added
Patch
CVSS Score v3.1 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score 0.0076 50.7th percentile
Risk Priority 70 floored blend · peak EPSS

Summary

CVE-2025-68121 is a critical-severity Improper Certificate Validation (CWE-295) vulnerability in Golang Go. Its CVSS base score is 10.0 (Critical).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 49.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-17 (Public Key Infrastructure Certificates) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2025-68121 is a critical vulnerability (CVSS 10.0, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) associated with CWE-295 (Improper Certificate Validation), published on 2026-02-05. It affects the crypto/tls package in the Go programming language. The flaw arises during TLS session resumption if the underlying TLS Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, causing the resumed handshake to succeed when it should fail. This issue can occur when users call Config.Clone and mutate the returned Config or use Config.GetConfigForClient.

Remote attackers require no privileges or user interaction and can exploit this over the network with low attack complexity. Exploitation enables a client to resume a session with a server it would not have accepted during the initial handshake, or a server to resume with a client it would not have accepted, effectively bypassing intended certificate authority validation. This leads to high impacts on confidentiality, integrity, and availability within the security scope.

The Go project provides mitigation details across its advisories, including a code change at https://go.dev/cl/737700, issue discussion at https://go.dev/issue/77217, an announcement at https://groups.google.com/g/golang-announce/c/K09ubi9FQFk, and a vulnerability entry at https://pkg.go.dev/vuln/GO-2026-4337. Security practitioners using Go's crypto/tls should review these resources for patching and configuration guidance to prevent improper session resumption.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user…

more

calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1557 Adversary-in-the-Middle Credential Access
Adversaries may attempt to position themselves between two or more networked devices using an adversary-in-the-middle (AiTM) technique to support follow-on behaviors such as [Network Sniffing](https://attack.
Why these techniques?

CVE enables remote TLS certificate validation bypass during session resumption, directly facilitating exploitation of public-facing apps (T1190) and adversary-in-the-middle attacks (T1557) via improper CA trust.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-33810Same product: Golang Go
CVE-2026-27137Same product: Golang Go
CVE-2026-32281Same product: Golang Go
CVE-2026-32280Same product: Golang Go
CVE-2025-61726Same product: Golang Go
CVE-2026-27143Same product: Golang Go
CVE-2025-61731Same product: Golang Go
CVE-2026-27144Same product: Golang Go
CVE-2026-32283Same product: Golang Go
CVE-2026-25679Same product: Golang Go

Affected Assets

golang
go
1.26.0 · ≤ 1.24.13 · 1.25.0 — 1.25.7

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Requires timely identification, reporting, and correction of the specific flaw in Go's crypto/tls package, preventing exploitation of improper certificate validation during session resumption.

prevent

Mandates proper management and verification of PKI certificates, directly countering the bypass of certificate authority validation in mutated TLS configurations during session resumption.

prevent

Protects the authenticity of communications sessions, mitigating risks from unauthorized session resumptions with untrusted parties due to TLS config mutations.

References