Vulnerabilities

| ID | Packages | Summary | Published | Attributes |
|---|---|---|---|---|
| GHSA-xq4h-wqm2-668w | Go/github.com/babylonlabs-io/babylon/v4 | Babylon's BIP322 signature implementation is not fully compliant to the spec | 13 hours ago | Fix available; Severity - 6.9 (Medium) |
| GHSA-2fcv-qww3-9v6h | Go/github.com/babylonlabs-io/babylon/v4 | Babylon's malformed vote extensions are not rejected | 13 hours ago | Fix available; Severity - 7.0 (High) |
| GHSA-rj4j-2jph-gg43 | Go/github.com/lf-edge/ekuiper/v2 | LF Edge eKuiper is vulnerable to Arbitrary File Read/Write via unsanitized names and zip extraction | 13 hours ago | Fix available; Severity - 9.3 (Critical) |
| GHSA-7ff4-jw48-3436 | Go/github.com/openbao/openbao | OpenBao is Vulnerable to Privileged Operator Identity Group Root Escalation | 15 hours ago | Fix available; Severity - 7.5 (High) |
| GHSA-9f46-w24h-69w4 | Go/github.com/QuantumNous/new-api | new-api is vulnerable to SSRF Bypass | 17 hours ago | Fix available; Severity - 8.5 (High) |
| GHSA-9m7r-g8hg-x3vr | Go/github.com/authzed/spicedb | SpiceDB: LookupResources with Multiple Entrypoints across Different Definitions Can Return Incomplete Results | 3 days ago | Fix available; Severity - 2.9 (Low) |
| GHSA-gmm6-j2g5-r52m | Go/github.com/hashicorp/terraform-provider-vault | Vault’s Terraform Provider incorrectly set default deny_null_bind parameter for LDAP auth method to false by default | 3 days ago | Fix available; Severity - 7.4 (High) |
| GHSA-w62r-7c53-fmc5 | Go/github.com/grafana/grafana | Grafana Incorrect Privilege Assignment vulnerability | 3 days ago | Fix available; Severity - 10.0 (Critical) |
| GHSA-2c64-vmv2-hgfc | Go/github.com/openfga/openfga | OpenFGA Improper Policy Enforcement | 4 days ago | Fix available; Severity - 5.8 (Medium) |
| GHSA-6xvf-4vh9-mw47 | Go/github.com/mindersec/minder | Minder does not sandbox http.send in Rego programs | 4 days ago | Fix available; Severity - 8.5 (High) |
| GHSA-f786-75f3-74xj | Go/github.com/google/osv-scalibr | OSV-SCALIBR has NULL Pointer Dereference | 4 days ago | Fix available; Severity - 1.9 (Low) |
| GHSA-f6x5-jh6r-wrfv | Go/golang.org/x/crypto | golang.org/x/crypto/ssh/agent vulnerable to panic if message is malformed due to out of bounds read | 5 days ago | Fix available; Severity - 5.3 (Medium) |
| GHSA-j5w8-q4qc-rx2x | Go/golang.org/x/crypto | golang.org/x/crypto/ssh allows an attacker to cause unbounded memory consumption | 5 days ago | Fix available; Severity - 5.3 (Medium) |
| GHSA-hcpf-qv9m-vfgp | Go/github.com/esm-dev/esm.sh | esm.sh CDN service has JS Template Literal Injection in CSS-to-JavaScript | 5 days ago | Fix available; Severity - 6.1 (Medium) |
| GHSA-h3mw-4f23-gwpw | Go/github.com/esm-dev/esm.sh | esm.sh CDN service has arbitrary file write via tarslip | 5 days ago | Fix available; Severity - 8.2 (High) |
| GO-2025-4134 | Go/golang.org/x/crypto | Unbounded memory consumption in golang.org/x/crypto/ssh | 5 days ago | Fix available |