pkg:Go/github.com/xyproto/algernon

7 total CVEsCRITICAL1HIGH1MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.0CVE-2026-45721Algernon: handler.lua discovery walks parent directories above the server root
    from 0, < 1.17.7
  • HIGH7.5CVE-2026-45728Algernon: Single-file mode unconditionally enables debug mode
    from 0, < 1.17.7
  • MEDIUM6.1CVE-2023-26131Algernon engine and themes vulnerable to Cross-site Scripting
    from 0, <= 1.15.2
  • MEDIUM4.3CVE-2026-46431Algernon: Auto-refresh SSE event server sets Access-Control-Allow-Origin: *
    from 0, < 1.17.7
  • MEDIUM4.3CVE-2026-46430Algernon: Auto-refresh SSE event server binds to all interfaces by default on Linux/macOS
    from 0, < 1.17.7
  • CVE-2025-65754Algernon Cross-Site Scripting vulnerability in github.com/xyproto/algernon
    from 0, < 1.17.5
  • CVE-2025-65754Algernon Cross-Site Scripting vulnerability in github.com/xyproto/algernon
    from 0, < 1.17.5