Go Package Vulnerabilities
All 1,264 Go modules with known CVEs, ranked by live CVE volume — 5,146 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 801.github.com/go-pkgz/auth/v21 CVE
- 802.github.com/goreleaser/goreleaser1 CVE
- 803.github.com/goreleaser/nfpm1 CVE
- 804.github.com/goreleaser/nfpm/v21 CVE
- 805.github.com/go-resty/resty/v21 CVE
- 806.github.com/gorilla/handlers1 CVE
- 807.github.com/gorilla/schema1 CVE
- 808.github.com/gorilla/websocket1 CVE
- 809.github.com/go-shiori/shiori1 CVE
- 810.github.com/go-sonic/sonic1 CVE
- 811.github.com/gotify/server1 CVE
- 812.github.com/gotify/server/v21 CVE
- 813.github.com/gouniverse/cms1 CVE
- 814.github.com/go-vela/compiler1 CVE
- 815.github.com/go-viper/mapstructure1 CVE
- 816.github.com/go-viper/mapstructure/v21 CVE
- 817.github.com/grafana/alloy1 CVE
- 818.github.com/grafana/google-sheets-datasource1 CVE
- 819.github.com/grafana/grafana-infinity-datasource1 CVE
- 820.github.com/grafana/grafana-operator1 CVE
- 821.github.com/grafana/grafana-operator/v51 CVE
- 822.github.com/grafana/grafana/pkg/web1 CVE
- 823.github.com/grafana/grafana-plugin-sdk-go1 CVE
- 824.github.com/grafana/loki1 CVE
- 825.github.com/grafana/loki/v31 CVE
- 826.github.com/grafana/pyroscope1 CVE
- 827.github.com/grafana/synthetic-monitoring-agent1 CVE
- 828.github.com/grafana/synthetic-monitoring-agent/cmd/synthetic-monitoring-agent1 CVE
- 829.github.com/graph-gophers/graphql-go1 CVE
- 830.github.com/graphql-go/graphql1 CVE
- 831.github.com/gvalkov/tailon1 CVE
- 832.github.com/hahwul/dalfox1 CVE
- 833.github.com/hakobe/paranoidhttp1 CVE
- 834.github.com/hamba/avro1 CVE
- 835.github.com/hamba/avro/v21 CVE
- 836.github.com/harness/gitness1 CVE
- 837.github.com/harvester/harvester1 CVE
- 838.github.com/harvester/harvester-installer1 CVE
- 839.github.com/hashicorp/consul-template1 CVE
- 840.github.com/hashicorp-forge/hermes1 CVE
- 841.github.com/hashicorp/go-retryablehttp1 CVE
- 842.github.com/hashicorp/nomad-driver-exec21 CVE
- 843.github.com/hashicorp/terraform-provider-aws1 CVE
- 844.github.com/hashicorp/terraform-provider-vault1 CVE
- 845.github.com/hashicorp/vagrant1 CVE
- 846.github.com/hashicorp/vault-csi-provider1 CVE
- 847.github.com/hashicorp/vault-plugin-secrets-gcp1 CVE
- 848.github.com/hashicorp/vault-ssh-helper1 CVE
- 849.github.com/hatchet-dev/hatchet1 CVE
- 850.github.com/helm/helm1 CVE
Which Go packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →