The vulnerability scanner for Google Artifact Registry reports that the cm-sd-adapter image gcr.io/gke-release/custom-metrics-stackdriver-adapter:v0.16.5-gke.0 contains the vulnerability documented in CVE-2026-27143 based on the standard library in GO 1.26.1. The scanner rates the severity of this CVE as Critical.
The vulnerability is fixed in GO 1.26.2
The vulnerability scanner for Google Artifact Registry reports that the cm-sd-adapter image
gcr.io/gke-release/custom-metrics-stackdriver-adapter:v0.16.5-gke.0contains the vulnerability documented in CVE-2026-27143 based on the standard library in GO 1.26.1. The scanner rates the severity of this CVE as Critical.The vulnerability is fixed in GO 1.26.2