FLAT-A0TAM (CVE-2026-40898)
Improper resource allocation In golang-github-lucas-clemente-quic-go
7.7
High
Ecosystem: Debian
Package: golang-github-lucas-clemente-quic-go
FLAT-6SDWE (CVE-2026-45287)
Improper resource allocation In golang-opentelemetry-otel
0.5
Low
Ecosystem: Debian
Package: golang-opentelemetry-otel
FLAT-XD3X9 (CVE-2026-41178)
Lack of data validation - Path Traversal In golang-opentelemetry-otel
1.7
Low
Ecosystem: Debian
Package: golang-opentelemetry-otel
FLAT-K109N (CVE-2026-42507)
Log injection In golang-1.24
2.7
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-ZHN3J (CVE-2026-42504)
Improper resource allocation In golang-1.24
2.7
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-F7V5V (CVE-2026-27145)
Improper resource allocation In golang-1.24
2.7
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-V7K6Z (CVE-2026-44740)
Improper resource allocation In golang-github-go-git-go-billy
3.6
Low
Ecosystem: Debian
Package: golang-github-go-git-go-billy
FLAT-54VI1 (CVE-2026-46599)
Improper resource allocation In golang-golang-x-image
4.4
Medium
Ecosystem: Debian
Package: golang-golang-x-image
FLAT-00SS4 (CVE-2026-42500)
Out-of-bounds read In golang-golang-x-image
5.6
Medium
Ecosystem: Debian
Package: golang-golang-x-image
FLAT-QPZMM (CVE-2026-48501)
Authentication mechanism absence or evasion In golang-github-cli-go-gh
8.2
High
Ecosystem: Debian
Package: golang-github-cli-go-gh
FLAT-U0CUU (CVE-2026-44973)
Lack of data validation - Path Traversal In golang-github-go-git-go-billy
7.5
High
Ecosystem: Debian
Package: golang-github-go-git-go-billy
FLAT-G5GLQ (CVE-2026-45571)
Lack of data validation - Path Traversal In golang-github-go-git-go-git-v6
2.1
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git-v6
FLAT-V5856 (CVE-2026-45570)
OS Command Injection In golang-github-go-git-go-git-v6
0.6
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git-v6
FLAT-K34ZG (CVE-2026-45022)
Insufficient data authenticity validation In golang-github-go-git-go-git-v6
3.8
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git-v6
FLAT-MRT5X (CVE-2026-39824)
Out-of-bounds read In golang.org/x/sys
2.7
Low
Ecosystem: Go
Package: golang.org/x/sys
FLAT-0IQUA (CVE-2026-42506)
Reflected cross-site scripting (XSS) In golang-golang-x-net
1.3
Low
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-FR32Y (CVE-2026-27136)
Reflected cross-site scripting (XSS) In golang-golang-x-net
1.3
Low
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-PKJ6S (CVE-2026-39821)
Lack of data validation In golang-golang-x-net
4.4
Medium
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-T05CC (CVE-2026-42502)
Reflected cross-site scripting (XSS) In golang-golang-x-net
0.6
Low
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-7W3Y6 (CVE-2026-25681)
Reflected cross-site scripting (XSS) In golang-golang-x-net
1.3
Low
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-Z66PE (CVE-2026-25680)
Asymmetric denial of service - ReDoS In golang-golang-x-net
4.4
Medium
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-7H3A7 (CVE-2026-46597)
Out-of-bounds read In golang-go.crypto
7.7
High
Ecosystem: Debian
Package: golang-go.crypto
FLAT-C577X (CVE-2026-46598)
Lack of data validation In golang-go.crypto
4.3
Medium
Ecosystem: Debian
Package: golang-go.crypto
FLAT-00BKC (CVE-2026-42508)
Authentication mechanism absence or evasion In golang-go.crypto
4.5
Medium
Ecosystem: Debian
Package: golang-go.crypto
FLAT-WKDDZ (CVE-2026-46595)
Security controls bypass or absence In golang-go.crypto
1.7
Low
Ecosystem: Debian
Package: golang-go.crypto
FLAT-7BKSP (CVE-2026-39834)
Out-of-bounds read In golang-go.crypto
3.8
Low
Ecosystem: Debian
Package: golang-go.crypto
FLAT-WF7F2 (CVE-2026-39835)
Insecure deserialization In golang-go.crypto
6.3
Medium
Ecosystem: Debian
Package: golang-go.crypto
FLAT-44MID (CVE-2026-39833)
Security controls bypass or absence In golang-go.crypto
2.1
Low
Ecosystem: Debian
Package: golang-go.crypto
FLAT-M93M2 (CVE-2026-39829)
Asymmetric denial of service In golang-go.crypto
7.7
High
Ecosystem: Debian
Package: golang-go.crypto
FLAT-SUM43 (CVE-2026-39831)
Authentication mechanism absence or evasion In golang-go.crypto
7.9
High
Ecosystem: Debian
Package: golang-go.crypto
FLAT-VCZP5 (CVE-2026-39830)
Improper resource allocation In golang-go.crypto
2.7
Low
Ecosystem: Debian
Package: golang-go.crypto
FLAT-WCN9H (CVE-2026-39828)
Authentication mechanism absence or evasion In golang-go.crypto
2.5
Low
Ecosystem: Debian
Package: golang-go.crypto
FLAT-XFKAQ (CVE-2026-39832)
Account lockout In golang-go.crypto
6.6
Medium
Ecosystem: Debian
Package: golang-go.crypto
FLAT-RLFJS (CVE-2026-39827)
Improper resource allocation In golang-go.crypto
3.8
Low
Ecosystem: Debian
Package: golang-go.crypto
FLAT-AR7JD (GHSA-pmwq-pjrm-6p5r)
Improper dependency pinning In github.com/in-toto/in-toto-golang
3.1
Low
Ecosystem: Go
Package: github.com/in-toto/in-toto-golang
FLAT-HO45L (CVE-2026-41889)
SQL injection - Code In golang-github-jackc-pgx-v5
0.6
Low
Ecosystem: Debian
Package: golang-github-jackc-pgx-v5
FLAT-RXAM5 (CVE-2026-41506)
Weak credential policy In golang-github-go-git-go-git
2.5
Low
Ecosystem: Debian
Package: golang-github-go-git-go-git
FLAT-NVFJ1 (CVE-2026-42499)
Improper resource allocation In golang-1.26
4.4
Medium
Ecosystem: Debian
Package: golang-1.26
FLAT-XYNM1 (CVE-2026-42501)
Spoofing In golang-1.26
6.6
Medium
Ecosystem: Debian
Package: golang-1.26
FLAT-11L7Q (CVE-2026-39823)
Reflected cross-site scripting (XSS) In golang-1.24
1.3
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-951QH (CVE-2026-39819)
Insecure temporary files In golang-1.24
0.4
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-O94SA (CVE-2026-39820)
Improper resource allocation In golang-1.24
4.4
Medium
Ecosystem: Debian
Package: golang-1.24
FLAT-RIAE6 (CVE-2026-39826)
Reflected cross-site scripting (XSS) In golang-1.26
0.6
Low
Ecosystem: Debian
Package: golang-1.26
FLAT-ZW5JM (CVE-2026-39825)
HTTP request smuggling In golang-1.15
1.7
Low
Ecosystem: Debian
Package: golang-1.15
FLAT-B4GZQ (CVE-2026-39817)
Lack of data validation - Path Traversal In golang-1.19
3.9
Low
Ecosystem: Debian
Package: golang-1.19
FLAT-N42VD (CVE-2026-33814)
Improper resource allocation In golang-golang-x-net
7.7
High
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-YNOOG (CVE-2026-33811)
Out-of-bounds read In golang-1.19
6.5
Medium
Ecosystem: Debian
Package: golang-1.19
FLAT-OZMR5 (CVE-2026-6863)
Authentication mechanism absence or evasion In www.velocidex.com/golang/velociraptor
5.7
Medium
Ecosystem: Go
Package: www.velocidex.com/golang/velociraptor
FLAT-FKL7W (CVE-2026-7573)
Improper authorization control for web services In www.velocidex.com/golang/velociraptor
0.6
Low
Ecosystem: Go
Package: www.velocidex.com/golang/velociraptor
FLAT-FOFX0 (CVE-2026-7572)
Insecure functionality In www.velocidex.com/golang/velociraptor
2.1
Low
Ecosystem: Go
Package: www.velocidex.com/golang/velociraptor
FLAT-C06Z3 (CVE-2026-32952)
Out-of-bounds read In golang-github-azure-go-ntlmssp
6.3
Medium
Ecosystem: Debian
Package: golang-github-azure-go-ntlmssp
FLAT-GHNB6 (CVE-2026-40890)
Out-of-bounds read In golang-github-gomarkdown-markdown
5.6
Medium
Ecosystem: Debian
Package: golang-github-gomarkdown-markdown
FLAT-TPI51 (CVE-2026-40611)
Lack of data validation - Path Traversal In golang-github-xenolf-lego
8.4
High
Ecosystem: Debian
Package: golang-github-xenolf-lego
FLAT-JYR0B (CVE-2026-33813)
Lack of data validation - Type confusion In golang-golang-x-image
0.5
Low
Ecosystem: Debian
Package: golang-golang-x-image
FLAT-KAG21 (CVE-2026-33812)
Improper resource allocation In golang-golang-x-image
4.4
Medium
Ecosystem: Debian
Package: golang-golang-x-image
FLAT-S6S6H (CVE-2026-6290)
Authentication mechanism absence or evasion In www.velocidex.com/golang/velociraptor
5.9
Medium
Ecosystem: Go
Package: www.velocidex.com/golang/velociraptor
FLAT-M31QO (CVE-2026-39984)
Insecure digital certificates In golang-github-sigstore-timestamp-authority
6.3
Medium
Ecosystem: Debian
Package: golang-github-sigstore-timestamp-authority
FLAT-TYSC3 (CVE-2026-39882)
Lack of data validation - Path Traversal In golang-opentelemetry-otel
6.3
Medium
Ecosystem: Debian
Package: golang-opentelemetry-otel
FLAT-08DN2 (CVE-2026-32288)
Improper resource allocation In golang-1.25
7.7
High
Ecosystem: Debian
Package: golang-1.25
FLAT-1ZORT (CVE-2026-33810)
Insecure digital certificates In golang-1.26
1.7
Low
Ecosystem: Debian
Package: golang-1.26
FLAT-2YSMG (CVE-2026-32280)
Improper resource allocation In golang-1.25
2.4
Low
Ecosystem: Debian
Package: golang-1.25
FLAT-3WMV5 (CVE-2026-27144)
Lack of data validation - Type confusion In golang-1.19
0.5
Low
Ecosystem: Debian
Package: golang-1.19
FLAT-5J540 (CVE-2026-32281)
Improper resource allocation In golang-1.25
2.4
Low
Ecosystem: Debian
Package: golang-1.25
FLAT-5J92D (CVE-2026-32289)
Reflected cross-site scripting (XSS) In golang-1.26
0.6
Low
Ecosystem: Debian
Package: golang-1.26
FLAT-OEZK7 (CVE-2026-32282)
Lack of data validation - Path Traversal In golang-1.26
3.6
Low
Ecosystem: Debian
Package: golang-1.26
FLAT-RH04Y (CVE-2026-27143)
Out-of-bounds read In golang-1.24
5.8
Medium
Ecosystem: Debian
Package: golang-1.24
FLAT-YVVQ5 (CVE-2026-32283)
Asymmetric denial of service - ReDoS In golang-1.24
7.7
High
Ecosystem: Debian
Package: golang-1.24
FLAT-A9RRH (CVE-2026-27140)
Remote command execution In golang-1.25
8.4
High
Ecosystem: Debian
Package: golang-1.25
FLAT-JB8NI (CVE-2026-33816)
Inappropriate coding practices In golang-github-jackc-pgx-v5
4.3
Medium
Ecosystem: Debian
Package: golang-github-jackc-pgx-v5
FLAT-GH3D4 (CVE-2026-34986)
Asymmetric denial of service In golang-gopkg-square-go-jose.v2
6.3
Medium
Ecosystem: Debian
Package: golang-gopkg-square-go-jose.v2
FLAT-75PX5 (CVE-2026-32287)
Improper resource allocation In golang-github-antchfx-xpath
7.7
High
Ecosystem: Debian
Package: golang-github-antchfx-xpath
FLAT-GAK5F (CVE-2026-32286)
Lack of data validation In golang-github-jackc-pgproto3
6.3
Medium
Ecosystem: Debian
Package: golang-github-jackc-pgproto3
FLAT-J09SZ (CVE-2026-32285)
Asymmetric denial of service - ReDoS In golang-github-buger-jsonparser
7.7
High
Ecosystem: Debian
Package: golang-github-buger-jsonparser
FLAT-3M5SE (CVE-2026-33809)
Improper resource allocation In golang-golang-x-image
7.7
High
Ecosystem: Debian
Package: golang-golang-x-image
FLAT-S7J1N (CVE-2026-33186)
Improper authorization control for web services In golang-google-grpc
8.1
High
Ecosystem: Debian
Package: golang-google-grpc
FLAT-AH75S (CVE-2026-32953)
Security controls bypass or absence In golang-github-tillitis-tkeyclient
1.1
Low
Ecosystem: Debian
Package: golang-github-tillitis-tkeyclient
FLAT-FYYB8 (CVE-2026-27139)
Local file inclusion In golang-1.24
1.2
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-J4A8U (CVE-2026-27142)
Reflected cross-site scripting (XSS) In golang-1.24
1.2
Low
Ecosystem: Debian
Package: golang-1.24
FLAT-39CYV (CVE-2026-27137)
Insecure digital certificates In golang-1.26
2.7
Low
Ecosystem: Debian
Package: golang-1.26
FLAT-V0MT6 (CVE-2026-25679)
Lack of data validation In golang-1.25
2.7
Low
Ecosystem: Debian
Package: golang-1.25
FLAT-ZTVQS (CVE-2026-27138)
Insecure digital certificates In golang-1.26
6.3
Medium
Ecosystem: Debian
Package: golang-1.26
FLAT-RTU56 (CVE-2026-27141)
Asymmetric denial of service In golang.org/x/net
7.7
High
Ecosystem: Go
Package: golang.org/x/net
FLAT-SCO8Y (CVE-2026-26994)
Security controls bypass or absence In golang-refraction-networking-utls
1.7
Low
Ecosystem: Debian
Package: golang-refraction-networking-utls
FLAT-YH984 (CVE-2026-26958)
Inappropriate coding practices In golang-filippo-edwards25519
1.7
Low
Ecosystem: Debian
Package: golang-filippo-edwards25519
FLAT-7CD1K (CVE-2025-69725)
Uncontrolled external site redirect In golang-github-go-chi-chi
1.3
Low
Ecosystem: Debian
Package: golang-github-go-chi-chi
FLAT-QA9U1 (CVE-2025-47911)
Improper resource allocation In golang.org/x/net/html
4.4
Medium
Ecosystem: Go
Package: golang.org/x/net/html
FLAT-O6TOV (CVE-2026-26014)
Sensitive information sent insecurely In golang-github-pion-dtls-v3
8.1
High
Ecosystem: Debian
Package: golang-github-pion-dtls-v3
FLAT-YCKIG (CVE-2025-58190)
Improper resource allocation In golang-golang-x-net
7.7
High
Ecosystem: Debian
Package: golang-golang-x-net
FLAT-CIY4X (CVE-2025-61732)
Remote command execution In golang-1.25
5.9
Medium
Ecosystem: Debian
Package: golang-1.25
FLAT-B04W5 (CVE-2026-24137)
Lack of data validation - Path Traversal In golang-github-sigstore-sigstore
6.6
Medium
Ecosystem: Debian
Package: golang-github-sigstore-sigstore
FLAT-283Y0 (CVE-2025-68120)
Remote command execution In github.com/golang/vscode-go
5.5
Medium
Ecosystem: Go
Package: github.com/golang/vscode-go
FLAT-JEG3Y (CVE-2025-64702)
Improper resource allocation In golang-github-lucas-clemente-quic-go
7.7
High
Ecosystem: Debian
Package: golang-github-lucas-clemente-quic-go
FLAT-0E2O0 (CVE-2025-10543)
Lack of data validation In github.com/eclipse/paho.mqtt.golang
1.7
Low
Ecosystem: Go
Package: github.com/eclipse/paho.mqtt.golang
FLAT-LMFHN (CVE-2025-47914)
Out-of-bounds read In golang.org/x/crypto
7.7
High
Ecosystem: Go
Package: golang.org/x/crypto
FLAT-FYDXQ (CVE-2025-58181)
Improper resource allocation In golang.org/x/crypto
7.7
High
Ecosystem: Go
Package: golang.org/x/crypto
FLAT-CSCHK (CVE-2025-47913)
Asymmetric denial of service In golang-go.crypto
4.6
Medium
Ecosystem: Debian
Package: golang-go.crypto
FLAT-HUKRC (CVE-2025-63811)
Asymmetric denial of service In golang-github-dvsekhvalnov-jose2go
7.7
High
Ecosystem: Debian
Package: golang-github-dvsekhvalnov-jose2go
FLAT-2CMWK (CVE-2025-61724)
Improper resource allocation In golang-1.19
2.7
Low
Ecosystem: Debian
Package: golang-1.19
FLAT-SJNIO (CVE-2025-61725)
Improper resource allocation In golang-1.15
2.7
Low
Ecosystem: Debian
Package: golang-1.15
FLAT-7BY9B (CVE-2025-58186)
Improper resource allocation In golang-1.19
7.7
High
Ecosystem: Debian
Package: golang-1.19