Go Package Vulnerabilities
All 1,261 Go modules with known CVEs, ranked by live CVE volume — 5,112 package-to-CVE mappings with affected ranges and fixed versions. Updated continuously as new vulnerabilities publish.
- 401.github.com/docker/distribution2 CVEs
- 402.github.com/docker/mcp-gateway2 CVEs
- 403.github.com/dvsekhvalnov/jose2go2 CVEs
- 404.github.com/edgexfoundry/app-functions-sdk-go2 CVEs
- 405.github.com/edgexfoundry/app-functions-sdk-go/v22 CVEs
- 406.github.com/elastic/apm-server2 CVEs
- 407.github.com/etcd-io/etcd2 CVEs
- 408.github.com/expr-lang/expr2 CVEs
- 409.github.com/facebook/fbthrift2 CVEs
- 410.github.com/filecoin-project/go-f32 CVEs
- 411.github.com/flipped-aurora/gin-vue-admin/server2 CVEs
- 412.github.com/fluid-cloudnative/fluid2 CVEs
- 413.github.com/fluxcd/notification-controller2 CVEs
- 414.github.com/forceu/gokapi2 CVEs
- 415.github.com/free5gc/nrf2 CVEs
- 416.github.com/gardener/gardener2 CVEs
- 417.github.com/ginuerzh/gost2 CVEs
- 418.github.com/gitpod-io/gitpod2 CVEs
- 419.github.com/go-acme/lego2 CVEs
- 420.github.com/go-acme/lego/v32 CVEs
- 421.github.com/go-acme/lego/v42 CVEs
- 422.github.com/gofiber/fiber/v32 CVEs
- 423.github.com/go-git/go-billy/v52 CVEs
- 424.github.com/go-git/go-billy/v62 CVEs
- 425.github.com/go-jose/go-jose2 CVEs
- 426.github.com/golang-jwt/jwt/v42 CVEs
- 427.github.com/google/brotli2 CVEs
- 428.github.com/google/exposure-notifications-verification-server2 CVEs
- 429.github.com/google/osv-scalibr2 CVEs
- 430.github.com/gorilla/csrf2 CVEs
- 431.github.com/go-vela/worker2 CVEs
- 432.github.com/go-yaml/yaml2 CVEs
- 433.github.com/gphper/ginadmin2 CVEs
- 434.github.com/grafana/agent2 CVEs
- 435.github.com/grafana/tempo2 CVEs
- 436.github.com/grafana/tempo-operator2 CVEs
- 437.github.com/gravitational/teleport2 CVEs
- 438.github.com/gtsteffaniak/filebrowser2 CVEs
- 439.github.com/gtsteffaniak/filebrowser/backend2 CVEs
- 440.github.com/hashicorp/go-slug2 CVEs
- 441.github.com/hashicorp/terraform2 CVEs
- 442.github.com/influxdata/influxdb2 CVEs
- 443.github.com/iskorotkov/avro/v22 CVEs
- 444.github.com/jackc/pgproto3/v22 CVEs
- 445.github.com/jpillora/chisel2 CVEs
- 446.github.com/jumpserver/koko2 CVEs
- 447.github.com/justinas/nosurf2 CVEs
- 448.github.com/k3s-io/k3s2 CVEs
- 449.github.com/kata-containers/runtime2 CVEs
- 450.github.com/kcp-dev/kcp2 CVEs
Which Go packages run in YOUR stack?
EchelonGraph inventories your dependencies and correlates them against live CVE intelligence — affected ranges, fixed versions, and blast radius in one graph.
Start Free Scan →