FLAT-V6PRJ (GHSA-rm5c-5x2p-48wr)
Asymmetric denial of service In github.com/klever-io/klever-go
7.7
High
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-UPD5M (GHSA-w4c6-7r69-w7j9)
Improper resource allocation In github.com/klever-io/klever-go
6.3
Medium
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-CUF22 (GHSA-hf2g-6j7h-98wg)
Improper resource allocation In github.com/klever-io/klever-go
7.7
High
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-Z4LPM (CVE-2026-49343)
Improper resource allocation In github.com/klever-io/klever-go
6.3
Medium
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-OH1IX (CVE-2026-47680)
Lack of data validation - Path Traversal In github.com/fluxcd/source-controller
1.3
Low
Ecosystem: Go
Package: github.com/fluxcd/source-controller
FLAT-2HHT0 (CVE-2026-47249)
Asymmetric denial of service - ReDoS In github.com/klever-io/klever-go
6.3
Medium
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-F61KM (CVE-2026-45726)
Business information leak In github.com/siderolabs/omni
4.1
Medium
Ecosystem: Go
Package: github.com/siderolabs/omni
FLAT-QSVU1 (CVE-2026-45723)
Lack of data validation - Path Traversal In github.com/siderolabs/omni
0.5
Low
Ecosystem: Go
Package: github.com/siderolabs/omni
FLAT-T0RLB (CVE-2026-45720)
Race condition In github.com/siderolabs/omni
5.6
Medium
Ecosystem: Go
Package: github.com/siderolabs/omni
FLAT-8YA6M (MAL-2026-5259)
Use of software with malware In github-archiver
5.2
Medium
Ecosystem: Npm
Package: github-archiver
FLAT-5QGK8 (CVE-2026-47703)
Race condition In github.com/adguardteam/adguardhome
2.7
Low
Ecosystem: Go
Package: github.com/adguardteam/adguardhome
FLAT-A0TAM (CVE-2026-40898)
Improper resource allocation In golang-github-lucas-clemente-quic-go
7.7
High
Ecosystem: Debian
Package: golang-github-lucas-clemente-quic-go
FLAT-HEQO8 (CVE-2026-8462)
SQL injection - Code In github.com/openmeterio/openmeter
1.3
Low
Ecosystem: Go
Package: github.com/openmeterio/openmeter
FLAT-0TCFG (CVE-2026-47671)
Authentication mechanism absence or evasion In github.com/nhost/nhost
5.9
Medium
Ecosystem: Go
Package: github.com/nhost/nhost
FLAT-Q5WUL (GHSA-74m6-4hjp-7226)
Improper resource allocation In github.com/klever-io/klever-go
6.3
Medium
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-U8N8Y (CVE-2026-47215)
Lack of data validation - Path Traversal In github.com/sylabs/singularity/v4
0.4
Low
Ecosystem: Go
Package: github.com/sylabs/singularity/v4
FLAT-5Y3Z2 (CVE-2026-45730)
Improper authorization control for web services In github.com/nuclio/nuclio
5.9
Medium
Ecosystem: Go
Package: github.com/nuclio/nuclio
FLAT-V7K6Z (CVE-2026-44740)
Improper resource allocation In golang-github-go-git-go-billy
3.6
Low
Ecosystem: Debian
Package: golang-github-go-git-go-billy
FLAT-D9ZKK (CVE-2026-48119)
Improper authorization control for web services In github.com/nezhahq/nezha
5.7
Medium
Ecosystem: Go
Package: github.com/nezhahq/nezha
FLAT-4U709 (MAL-2026-5107)
Use of software with malware In cms-github
5.2
Medium
Ecosystem: Npm
Package: cms-github
FLAT-A3Y8M (MAL-2026-5108)
Use of software with malware In cms-helpgit
5.2
Medium
Ecosystem: Npm
Package: cms-helpgit
FLAT-4RRCI (MAL-2026-5157)
Use of software with malware In @tse-digital/core
5.2
Medium
Ecosystem: Npm
Package: @tse-digital/core
FLAT-BV2SE (CVE-2026-47268)
Server-side request forgery (SSRF) In github.com/nezhahq/nezha
2.4
Low
Ecosystem: Go
Package: github.com/nezhahq/nezha
FLAT-RGJ83 (MAL-2026-5063)
Use of software with malware In customerdigital-service-lib
5.2
Medium
Ecosystem: Npm
Package: customerdigital-service-lib
FLAT-N2GIM (CVE-2026-47203)
Lack of protection against brute force attacks In github.com/authelia/authelia/v4
1.7
Low
Ecosystem: Go
Package: github.com/authelia/authelia/v4
FLAT-34BE7 (CVE-2026-47122)
Use of insecure channel - Source code In github.com/sparkle-project/sparkle
0.4
Low
Ecosystem: SwiftURL
Package: github.com/sparkle-project/sparkle
FLAT-5T89U (CVE-2026-47121)
Lack of data validation - Path Traversal In github.com/sparkle-project/sparkle
6.7
Medium
Ecosystem: SwiftURL
Package: github.com/sparkle-project/sparkle
FLAT-GLNTZ (GHSA-w5pp-99ch-qj29)
Asymmetric denial of service - ReDoS In github.com/go-git/go-git/v6
3.6
Low
Ecosystem: Go
Package: github.com/go-git/go-git/v6
FLAT-X2V14 (GHSA-rf84-wr5g-m3rp)
Authentication mechanism absence or evasion In github.com/metal3-io/cluster-api-provider-metal3
0.5
Low
Ecosystem: Go
Package: github.com/metal3-io/cluster-api-provider-metal3
FLAT-P7X8W (CVE-2026-47190)
Excessive privileges In github.com/metal3-io/ip-address-manager
5.5
Medium
Ecosystem: Go
Package: github.com/metal3-io/ip-address-manager
FLAT-9MSQC (GHSA-hfc8-w5f4-3x6m)
Improper authorization control for web services In github.com/metal3-io/ironic-standalone-operator
0.6
Low
Ecosystem: Go
Package: github.com/metal3-io/ironic-standalone-operator
FLAT-ODVGS (GHSA-7cwm-fpfh-rrch)
Sensitive information sent insecurely In github.com/metal3-io/ironic-standalone-operator
0.6
Low
Ecosystem: Go
Package: github.com/metal3-io/ironic-standalone-operator
FLAT-NFW3E (CVE-2026-45742)
Race condition In github.com/gotenberg/gotenberg/v8
6.3
Medium
Ecosystem: Go
Package: github.com/gotenberg/gotenberg/v8
FLAT-ZTHMY (CVE-2026-45741)
Server-side request forgery (SSRF) In github.com/gotenberg/gotenberg/v8
6.5
Medium
Ecosystem: Go
Package: github.com/gotenberg/gotenberg/v8
FLAT-FCOCM (CVE-2026-44829)
Lack of data validation - Path Traversal In github.com/gotenberg/gotenberg/v8
5.6
Medium
Ecosystem: Go
Package: github.com/gotenberg/gotenberg/v8
FLAT-QPZMM (CVE-2026-48501)
Authentication mechanism absence or evasion In golang-github-cli-go-gh
8.2
High
Ecosystem: Debian
Package: golang-github-cli-go-gh
FLAT-5YKW0 (CVE-2026-47179)
Lack of data validation - Path Traversal In github.com/getarcaneapp/arcane/backend
7.6
High
Ecosystem: Go
Package: github.com/getarcaneapp/arcane/backend
FLAT-U0CUU (CVE-2026-44973)
Lack of data validation - Path Traversal In golang-github-go-git-go-billy
7.5
High
Ecosystem: Debian
Package: golang-github-go-git-go-billy
FLAT-UNHL4 (CVE-2026-46405)
Improper resource allocation In github.com/openbao/openbao
2.7
Low
Ecosystem: Go
Package: github.com/openbao/openbao
FLAT-T9W70 (CVE-2026-46358)
Sensitive information stored in logs In github.com/openbao/openbao
2.0
Low
Ecosystem: Go
Package: github.com/openbao/openbao
FLAT-8GW58 (CVE-2026-45808)
Authentication mechanism absence or evasion In github.com/openbao/openbao
4.9
Medium
Ecosystem: Go
Package: github.com/openbao/openbao
FLAT-WJQR0 (CVE-2026-22872)
Authentication mechanism absence or evasion In github.com/projectcapsule/capsule
5.6
Medium
Ecosystem: Go
Package: github.com/projectcapsule/capsule
FLAT-W5TY1 (CVE-2026-30963)
Lack of data validation In github.com/projectcapsule/capsule
4.2
Medium
Ecosystem: Go
Package: github.com/projectcapsule/capsule
FLAT-DVSG5 (MAL-2026-5015)
Use of software with malware In @mlspace/env-gitlab
5.2
Medium
Ecosystem: Npm
Package: @mlspace/env-gitlab
FLAT-OJ634 (MAL-2026-4982)
Use of software with malware In @cloudplatform-single-spa/svp-gitaas
5.2
Medium
Ecosystem: Npm
Package: @cloudplatform-single-spa/svp-gitaas
FLAT-17PI2 (CVE-2026-47243)
Lack of data validation - Path Traversal In github.com/kata-containers/kata-containers
7.3
High
Ecosystem: Go
Package: github.com/kata-containers/kata-containers
FLAT-II2BQ (CVE-2026-44982)
Security controls bypass or absence In github.com/crowdsecurity/crowdsec
2.7
Low
Ecosystem: Go
Package: github.com/crowdsecurity/crowdsec
FLAT-TA1IP (CVE-2026-44981)
Excessive privileges In github.com/crowdsecurity/crowdsec
4.6
Medium
Ecosystem: Go
Package: github.com/crowdsecurity/crowdsec
FLAT-G5GLQ (CVE-2026-45571)
Lack of data validation - Path Traversal In golang-github-go-git-go-git-v6
2.1
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git-v6
FLAT-V5856 (CVE-2026-45570)
OS Command Injection In golang-github-go-git-go-git-v6
0.6
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git-v6
FLAT-K34ZG (CVE-2026-45022)
Insufficient data authenticity validation In golang-github-go-git-go-git-v6
3.8
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git-v6
FLAT-U5UPA (CVE-2026-44210)
Insecure functionality In github.com/kata-containers/kata-containers
2.6
Low
Ecosystem: Go
Package: github.com/kata-containers/kata-containers
FLAT-D2B22 (MAL-2026-4295)
Use of software with malware In git-en-boite-inventory
5.2
Medium
Ecosystem: Npm
Package: git-en-boite-inventory
FLAT-WFHEB (MAL-2026-4273)
Use of software with malware In git-config-sync
5.2
Medium
Ecosystem: PyPI
Package: git-config-sync
FLAT-X1OJU (CVE-2026-47124)
Enabled default configuration In github.com/nezhahq/nezha
5.7
Medium
Ecosystem: Go
Package: github.com/nezhahq/nezha
FLAT-R328B (CVE-2026-46716)
Remote command execution In github.com/nezhahq/nezha
6.1
Medium
Ecosystem: Go
Package: github.com/nezhahq/nezha
FLAT-AVPUM (CVE-2026-47125)
Improper authorization control for web services In github.com/getarcaneapp/arcane/backend
7.7
High
Ecosystem: Go
Package: github.com/getarcaneapp/arcane/backend
FLAT-DOVDR (CVE-2026-47120)
Improper authorization control for web services In github.com/nezhahq/nezha
1.5
Low
Ecosystem: Go
Package: github.com/nezhahq/nezha
FLAT-EGI3E (CVE-2026-46717)
Server-side request forgery (SSRF) In github.com/nezhahq/nezha
4.3
Medium
Ecosystem: Go
Package: github.com/nezhahq/nezha
FLAT-AXR2P (GHSA-qqqm-5547-774x)
Lack of data validation - Path Traversal In github.com/gtsteffaniak/filebrowser/backend
8.0
High
Ecosystem: Go
Package: github.com/gtsteffaniak/filebrowser/backend
FLAT-LTQEF (CVE-2026-46703)
Lack of data validation - Path Traversal In github.com/boxlite-ai/boxlite/sdks/go
9.1
Critical
Ecosystem: Go
Package: github.com/boxlite-ai/boxlite/sdks/go
FLAT-CSZHI (CVE-2026-46680)
Lack of data validation - Type confusion In github.com/containerd/containerd
4.4
Medium
Ecosystem: Go
Package: github.com/containerd/containerd
FLAT-GRR2A (CVE-2026-46668)
Improper authorization control for web services In github.com/authzed/spicedb
0.6
Low
Ecosystem: Go
Package: github.com/authzed/spicedb
FLAT-6R8AH (CVE-2026-46618)
Excessive privileges In github.com/fission/fission
4.2
Medium
Ecosystem: Go
Package: github.com/fission/fission
FLAT-W954N (CVE-2026-46617)
Excessive privileges In github.com/fission/fission
5.9
Medium
Ecosystem: Go
Package: github.com/fission/fission
FLAT-4JDIT (CVE-2026-46614)
Improper authorization control for web services In github.com/fission/fission
9.1
Critical
Ecosystem: Go
Package: github.com/fission/fission
FLAT-5HHQL (CVE-2026-46612)
Authentication mechanism absence or evasion In github.com/fission/fission
6.1
Medium
Ecosystem: Go
Package: github.com/fission/fission
FLAT-71BBN (GHSA-763j-3p5v-jfc6)
Lack of data validation - Path Traversal In github.com/mvt-project/androidqf
1.1
Low
Ecosystem: Go
Package: github.com/mvt-project/androidqf
FLAT-XJEGZ (GHSA-jf2q-463c-6f52)
Lack of data validation - Path Traversal In github.com/mvt-project/androidqf
1.1
Low
Ecosystem: Go
Package: github.com/mvt-project/androidqf
FLAT-UPFI3 (CVE-2026-46403)
Security controls bypass or absence In github.com/klever-io/klever-go
4.2
Medium
Ecosystem: Go
Package: github.com/klever-io/klever-go
FLAT-LKH5T (MAL-2026-4573)
Use of software with malware In git-userhub
5.2
Medium
Ecosystem: Npm
Package: git-userhub
FLAT-KH9OL (CVE-2026-42592)
Server-side request forgery (SSRF) In github.com/gotenberg/gotenberg/v7
6.3
Medium
Ecosystem: Go
Package: github.com/gotenberg/gotenberg/v7
FLAT-NMTUF (CVE-2026-41646)
Improper authorization control for web services In github.com/projectdiscovery/nuclei
3.1
Low
Ecosystem: Go
Package: github.com/projectdiscovery/nuclei
FLAT-0KNXW (CVE-2026-45090)
Improper control of interaction frequency In github.com/hahwul/dalfox
6.3
Medium
Ecosystem: Go
Package: github.com/hahwul/dalfox
FLAT-57HXE (GHSA-pxh5-6rrc-8rjv)
Improper resource allocation In github.com/opentofu/opentofu
3.6
Low
Ecosystem: Go
Package: github.com/opentofu/opentofu
FLAT-0HHIM (CVE-2026-46431)
Lack of data validation In github.com/xyproto/algernon
1.3
Low
Ecosystem: Go
Package: github.com/xyproto/algernon
FLAT-RSMUM (CVE-2026-46430)
Sensitive information sent insecurely In github.com/xyproto/algernon
0.6
Low
Ecosystem: Go
Package: github.com/xyproto/algernon
FLAT-JTY44 (MAL-2026-4543)
Use of software with malware In customerdigital-ui-containers-lib
5.2
Medium
Ecosystem: Npm
Package: customerdigital-ui-containers-lib
FLAT-DX7HX (CVE-2026-46410)
Business information leak In github.com/gtsteffaniak/filebrowser
6.6
Medium
Ecosystem: Go
Package: github.com/gtsteffaniak/filebrowser
FLAT-1ABCO (CVE-2026-46378)
Improper resource allocation In github.com/tomwright/dasel/v3
6.3
Medium
Ecosystem: Go
Package: github.com/tomwright/dasel/v3
FLAT-1C2CP (CVE-2026-46377)
Lack of data validation In github.com/tomwright/dasel/v3
6.3
Medium
Ecosystem: Go
Package: github.com/tomwright/dasel/v3
FLAT-I0P17 (CVE-2026-46354)
Insufficient data authenticity validation In github.com/coder/coder
8.1
High
Ecosystem: Go
Package: github.com/coder/coder
FLAT-IUGC1 (CVE-2026-45796)
Server-side request forgery (SSRF) In github.com/coder/coder
6.8
Medium
Ecosystem: Go
Package: github.com/coder/coder
FLAT-0E6A2 (GHSA-g53w-w6mj-hrpp)
Improper authorization control for web services In github.com/kuadrant/mcp-gateway
8.0
High
Ecosystem: Go
Package: github.com/kuadrant/mcp-gateway
FLAT-3XVPM (CVE-2026-45803)
OS Command Injection In github.com/cli/cli/v2
1.6
Low
Ecosystem: Go
Package: github.com/cli/cli/v2
FLAT-MQF2A (GHSA-gx7w-56w6-g48x)
Authentication mechanism absence or evasion In github.com/caddyserver/caddy/v2
0.6
Low
Ecosystem: Go
Package: github.com/caddyserver/caddy/v2
FLAT-O3PUG (GHSA-wwhq-w58m-w29c)
Remote command execution In github.com/caddyserver/caddy/v2
2.7
Low
Ecosystem: Go
Package: github.com/caddyserver/caddy/v2
FLAT-1C1DQ (GHSA-m23h-6mwm-39m8)
Sensitive information sent insecurely In github.com/kong/kubernetes-ingress-controller
3.6
Low
Ecosystem: Go
Package: github.com/kong/kubernetes-ingress-controller
FLAT-51OSA (GHSA-3278-c88v-xrh4)
Sensitive information sent insecurely In github.com/kong/kubernetes-ingress-controller/v2
1.1
Low
Ecosystem: Go
Package: github.com/kong/kubernetes-ingress-controller/v2
FLAT-OTEU7 (CVE-2026-45695)
Remote command execution In github.com/kopia/kopia
8.4
High
Ecosystem: Go
Package: github.com/kopia/kopia
FLAT-T6BBV (GHSA-4gph-2hhr-5mwg)
HTTP request smuggling In github.com/envoyproxy/ai-gateway
1.7
Low
Ecosystem: Go
Package: github.com/envoyproxy/ai-gateway
FLAT-2L7BV (CVE-2026-45738)
Server side cross-site scripting In github.com/argoproj/argo-cd/v2
5.7
Medium
Ecosystem: Go
Package: github.com/argoproj/argo-cd/v2
FLAT-2LBZI (CVE-2026-45737)
Insecurely deleted files In github.com/argoproj/argo-cd/v3
3.8
Low
Ecosystem: Go
Package: github.com/argoproj/argo-cd/v3
FLAT-BXXJD (CVE-2026-45713)
Asymmetric denial of service In github.com/axllent/mailpit
7.8
High
Ecosystem: Go
Package: github.com/axllent/mailpit
FLAT-5VF1W (CVE-2026-45712)
Race condition In github.com/axllent/mailpit
6.3
Medium
Ecosystem: Go
Package: github.com/axllent/mailpit
FLAT-ZRC50 (CVE-2026-45711)
Lack of data validation - Path Traversal In github.com/axllent/mailpit
3.8
Low
Ecosystem: Go
Package: github.com/axllent/mailpit
FLAT-BK4NM (CVE-2026-45709)
Server-side request forgery (SSRF) In github.com/axllent/mailpit
6.8
Medium
Ecosystem: Go
Package: github.com/axllent/mailpit
FLAT-DYYEJ (CVE-2026-45692)
Lack of data validation In github.com/caddyserver/caddy/v2
1.3
Low
Ecosystem: Go
Package: github.com/caddyserver/caddy/v2
FLAT-T7EVD (CVE-2026-45781)
Insecure functionality In github.com/modelcontextprotocol/registry
0.6
Low
Ecosystem: Go
Package: github.com/modelcontextprotocol/registry
FLAT-538L2 (CVE-2026-45576)
Lack of data validation - Path Traversal In github.com/openziti/zrok/v2
5.7
Medium
Ecosystem: Go
Package: github.com/openziti/zrok/v2