Go Package Vulnerabilities

All 1,264 Go modules with known CVEs, ranked by live CVE volume — 5,146 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 801.github.com/go-pkgz/auth/v21 CVE
  2. 802.github.com/goreleaser/goreleaser1 CVE
  3. 803.github.com/goreleaser/nfpm1 CVE
  4. 804.github.com/goreleaser/nfpm/v21 CVE
  5. 805.github.com/go-resty/resty/v21 CVE
  6. 806.github.com/gorilla/handlers1 CVE
  7. 807.github.com/gorilla/schema1 CVE
  8. 808.github.com/gorilla/websocket1 CVE
  9. 809.github.com/go-shiori/shiori1 CVE
  10. 810.github.com/go-sonic/sonic1 CVE
  11. 811.github.com/gotify/server1 CVE
  12. 812.github.com/gotify/server/v21 CVE
  13. 813.github.com/gouniverse/cms1 CVE
  14. 814.github.com/go-vela/compiler1 CVE
  15. 815.github.com/go-viper/mapstructure1 CVE
  16. 816.github.com/go-viper/mapstructure/v21 CVE
  17. 817.github.com/grafana/alloy1 CVE
  18. 818.github.com/grafana/google-sheets-datasource1 CVE
  19. 819.github.com/grafana/grafana-infinity-datasource1 CVE
  20. 820.github.com/grafana/grafana-operator1 CVE
  21. 821.github.com/grafana/grafana-operator/v51 CVE
  22. 822.github.com/grafana/grafana/pkg/web1 CVE
  23. 823.github.com/grafana/grafana-plugin-sdk-go1 CVE
  24. 824.github.com/grafana/loki1 CVE
  25. 825.github.com/grafana/loki/v31 CVE
  26. 826.github.com/grafana/pyroscope1 CVE
  27. 827.github.com/grafana/synthetic-monitoring-agent1 CVE
  28. 828.github.com/grafana/synthetic-monitoring-agent/cmd/synthetic-monitoring-agent1 CVE
  29. 829.github.com/graph-gophers/graphql-go1 CVE
  30. 830.github.com/graphql-go/graphql1 CVE
  31. 831.github.com/gvalkov/tailon1 CVE
  32. 832.github.com/hahwul/dalfox1 CVE
  33. 833.github.com/hakobe/paranoidhttp1 CVE
  34. 834.github.com/hamba/avro1 CVE
  35. 835.github.com/hamba/avro/v21 CVE
  36. 836.github.com/harness/gitness1 CVE
  37. 837.github.com/harvester/harvester1 CVE
  38. 838.github.com/harvester/harvester-installer1 CVE
  39. 839.github.com/hashicorp/consul-template1 CVE
  40. 840.github.com/hashicorp-forge/hermes1 CVE
  41. 841.github.com/hashicorp/go-retryablehttp1 CVE
  42. 842.github.com/hashicorp/nomad-driver-exec21 CVE
  43. 843.github.com/hashicorp/terraform-provider-aws1 CVE
  44. 844.github.com/hashicorp/terraform-provider-vault1 CVE
  45. 845.github.com/hashicorp/vagrant1 CVE
  46. 846.github.com/hashicorp/vault-csi-provider1 CVE
  47. 847.github.com/hashicorp/vault-plugin-secrets-gcp1 CVE
  48. 848.github.com/hashicorp/vault-ssh-helper1 CVE
  49. 849.github.com/hatchet-dev/hatchet1 CVE
  50. 850.github.com/helm/helm1 CVE

Which Go packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →