A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.CreditsRyotaK (https://ryotak.net) of GMO Flatt Security Inc.Referenceshttps://go.dev/cl/734220https://go.dev/issue/76697https://groups.google.com/g/golang-announce/c/K09ubi9FQFkhttps://pkg.go.dev/vuln/GO-2026-4433