Critical Data Race Vulnerability in Go's database/sql Exposed: Query Results at Risk of Manipulation
Coder's engineering team has uncovered a severe security flaw in Go's standard database/sql package that had gone undetected since at least Go 1.10. The vulnerability (CVE-2025-47907) enables attackers to corrupt SQL query results during context cancellation, potentially leading to full application compromise. All affected systems should be updated to Go 1.24.6 immediately.