{"id":"GO-2026-5281","summary":"opentelemetry-go's Schema ParseFile leaks file descriptors on each parse in go.opentelemetry.io/otel/schema","details":"opentelemetry-go's Schema ParseFile leaks file descriptors on each parse in go.opentelemetry.io/otel/schema","aliases":["CVE-2026-45287","GHSA-995v-fvrw-c78m"],"modified":"2026-06-25T19:45:23.220359827Z","published":"2026-06-25T18:43:15Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2026-5281","review_status":"UNREVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-995v-fvrw-c78m"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-45287"},{"type":"WEB","url":"https://github.com/open-telemetry/opentelemetry-go/commit/e72a235518cb773137efd80336a179028bc34684"},{"type":"WEB","url":"https://github.com/open-telemetry/opentelemetry-go/commit/f12d198f161b61735d65705248715aa97021ba8d"}],"affected":[{"package":{"name":"go.opentelemetry.io/otel/schema","ecosystem":"Go","purl":"pkg:golang/go.opentelemetry.io/otel/schema"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.0.17"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-5281.json"}}],"schema_version":"1.7.5"}