Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Hoverfly: Denial of Service via Goroutine Leak in Remote Post-Serve Actions Moderate
CVE-2026-50018 was published for github.com/SpectoLabs/hoverfly (Go) Jul 14, 2026
Kr1shna4garwal Credited to Kr1shna4garwal
Hoverfly: Process Crash via Concurrent Map Write Race Condition in Diff Mode High
CVE-2026-50013 was published for github.com/SpectoLabs/hoverfly (Go) Jul 14, 2026
Kr1shna4garwal Credited to Kr1shna4garwal
jsonwebtoken has Type Confusion that leads to potential authorization bypass Moderate
CVE-2026-25537 was published for jsonwebtoken (Rust) Feb 3, 2026
Kr1shna4garwal Credited to Kr1shna4garwal
WebSocket endpoint `/api/v2/ws/logs` reachable without authentication even when --auth is enabled High
CVE-2025-54376 was published for github.com/SpectoLabs/hoverfly (Go) Sep 10, 2025
Kr1shna4garwal Credited to Kr1shna4garwal
Hoverfly is vulnerable to Remote Code Execution through an insecure middleware implementation Critical
CVE-2025-54123 was published for github.com/SpectoLabs/hoverfly (Go) Sep 10, 2025
Kr1shna4garwal Credited to Kr1shna4garwal
ProTip! Advisories are also available from the GraphQL API