Go Package Vulnerabilities

All 1,264 Go modules with known CVEs, ranked by live CVE volume — 5,146 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.

  1. 851.github.com/henrygd/beszel1 CVE
  2. 852.github.com/heroiclabs/nakama1 CVE
  3. 853.github.com/heroiclabs/nakama/v31 CVE
  4. 854.github.com/HFO4/cloudreve1 CVE
  5. 855.github.com/hjson/hjson-go/v41 CVE
  6. 856.github.com/holiman/uint2561 CVE
  7. 857.github.com/hoppscotch/proxyscotch1 CVE
  8. 858.github.com/hpcng/singularity1 CVE
  9. 859.github.com/huandu/facebook1 CVE
  10. 860.github.com/huandu/facebook/v21 CVE
  11. 861.github.com/hwameistor/hwameistor1 CVE
  12. 862.github.com/hybridgroup/gobot1 CVE
  13. 863.github.com/IceWhaleTech/CasaOS-Gateway1 CVE
  14. 864.github.com/imroc/req1 CVE
  15. 865.github.com/imroc/req/v21 CVE
  16. 866.github.com/imroc/req/v31 CVE
  17. 867.github.com/in-toto/go-witness1 CVE
  18. 868.github.com/in-toto/in-toto-golang1 CVE
  19. 869.github.com/ipfs/go-bitfield1 CVE
  20. 870.github.com/ipfs/go-bitswap1 CVE
  21. 871.github.com/ipfs/go-libipfs1 CVE
  22. 872.github.com/ipfs/go-merkledag1 CVE
  23. 873.github.com/ipfs/go-unixfs1 CVE
  24. 874.github.com/ipfs/go-unixfsnode1 CVE
  25. 875.github.com/ipld/go-codec-dagpb1 CVE
  26. 876.github.com/istio/istio1 CVE
  27. 877.github.com/itang/gohttp1 CVE
  28. 878.github.com/j3ssie/osmedeus1 CVE
  29. 879.github.com/jackc/pgproto31 CVE
  30. 880.github.com/jackc/pgx/v5/pgproto31 CVE
  31. 881.github.com/jaegertracing/jaeger1 CVE
  32. 882.github.com/jaredallard/archives1 CVE
  33. 883.github.com/jasonlovesdoggo/abacus1 CVE
  34. 884.github.com/jessfraz/pastebinit1 CVE
  35. 885.github.com/jkroepke/openvpn-auth-oauth21 CVE
  36. 886.github.com/jmorganca/ollama1 CVE
  37. 887.github.com/jon4hz/jellysweep1 CVE
  38. 888.github.com/jptosso/coraza-waf1 CVE
  39. 889.github.com/juanfont/headscale1 CVE
  40. 890.github.com/juju/utils1 CVE
  41. 891.github.com/juju/utils/v21 CVE
  42. 892.github.com/juju/utils/v31 CVE
  43. 893.github.com/juju/utils/v41 CVE
  44. 894.github.com/juju/utils/v4/cert1 CVE
  45. 895.github.com/julien040/anyquery1 CVE
  46. 896.github.com/julien040/anyquery/plugins/brave1 CVE
  47. 897.github.com/julien040/anyquery/plugins/chrome1 CVE
  48. 898.github.com/julien040/anyquery/plugins/edge1 CVE
  49. 899.github.com/julien040/anyquery/plugins/safari1 CVE
  50. 900.github.com/jumpserver/jumpserver1 CVE

Which Go packages run in YOUR stack?

EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.

Start Free Scan →