OpenTelemetry eBPF Instrumentation: Privileged Java agent injection allows arbitrary host file overwrite via untrusted TMPDIR in go.opentelemetry.io/obi
{ "url": "https://pkg.go.dev/vuln/GO-2026-5253", "review_status": "UNREVIEWED" }
"https://vuln.go.dev/ID/GO-2026-5253.json"