CVE-2026-35393 Blast Radius

CRITICAL • CVSS 9.8goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.3, the POST multipart upload directory not sanitized. This vulnerability is fixed in 2.…

Is Your Infrastructure Using These Packages?

EchelonGraph automatically scans your cloud infrastructure and SBOMs to map your exposure to vulnerabilities like CVE-2026-35393.

Start Free Scan →← Back to CVE-2026-35393