CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509

CVE-2026-31430 X.509: Fix out-of-bounds access when parsing extensions

CVE-2026-32280 Unexpected work during chain building in crypto/x509

CVE-2026-32281 Inefficient policy validation in crypto/x509