Arc: Unauthenticated access to Go debug pprof endpoints leaks runtime state and enables CPU-burn DoS in github.com/basekick-labs/arc
{ "review_status": "UNREVIEWED", "url": "https://pkg.go.dev/vuln/GO-2026-5457" }
"https://vuln.go.dev/ID/GO-2026-5457.json"