CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30 matches found

OSV•added 2026/06/11 10:23 a.m.•5 views

ROOT-APP-GOBINARY-CVE-2026-44740 CVE-2026-44740 in rootio-github.com/go-git/go-billy/v5 - Patched by Root

Root has patched CVE-2026-44740 in the rootio-github.com/go-git/go-billy/v5 package for Root:Go. Multiple fixed versions available...

6.5CVSS5.4AI score0.00295EPSS

Exploits0

OSV•added 2026/06/11 10:23 a.m.•4 views

ROOT-APP-GOBINARY-CVE-2026-44973 CVE-2026-44973 in rootio-github.com/go-git/go-billy/v5 - Patched by Root

Root has patched CVE-2026-44973 in the rootio-github.com/go-git/go-billy/v5 package for Root:Go. Multiple fixed versions available...

8.1CVSS5.8AI score0.0031EPSS

Exploits0

RedhatCVE•added 2026/06/08 2:58 a.m.•9 views

CVE-2026-44973

Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths e.g., using .. to escape intended base directories. While go-billy was...

8.1CVSS5.5AI score0.0031EPSS

Exploits0References1

CVE•added 2026/06/01 4:4 p.m.•29 views

CVE-2026-44740

CVE-2026-44740 affects the go-billy interface filesystem abstraction. Before 5.9.0 and 6.0.0-alpha.1, multiple components may mishandle crafted input, risking panics, infinite loops, uncontrolled recursion, or excessive resource consumption due to missing validation, cycle detection, and defensiv...

6.5CVSS5.7AI score0.00295EPSS

Exploits0References3

Cvelist•added 2026/06/01 4:4 p.m.•28 views

CVE-2026-44740 go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion

Billy is an interface filesystem abstraction for Go. Prior to versions 5.9.0 and 6.0.0-alpha.1, multiple components may improperly handle crafted or malformed input, resulting in panics, infinite loops, uncontrolled recursion, or excessive resource consumption. These issues arise from insufficien...

6.5CVSS0.00295EPSS

Exploits0References3

Vulnrichment•added 2026/06/01 4:4 p.m.•10 views

CVE-2026-44740 go-billy: Lack of depth and cycle detection in symlink resolution may lead to infinite loops and resource exhaustion

6.5CVSS5.7AI score0.00295EPSS

Exploits0References3

CNNVD•added 2026/06/01 12:0 a.m.•6 views

go-billy 安全漏洞

Go-Billy is an open-source file system abstraction library developed by go-git. Versions of Go-Billy prior to 5.9.0 and 6.0.0-alpha.1 contained security vulnerabilities. These vulnerabilities stemmed from improper handling of specially crafted or malformed inputs by multiple components, which cou...

6.5CVSS5.3AI score0.00295EPSS

Exploits0References3

Tenable Nessus•added 2026/05/30 12:0 a.m.•10 views

Linux Distros Unpatched Vulnerability : CVE-2026-44973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Billy is an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues exist across different components of go-billy. Insufficient...

8.1CVSS5.8AI score0.0031EPSS

Exploits0References3

NVD•added 2026/05/28 10:16 p.m.•10 views

CVE-2026-44973

8.1CVSS0.0031EPSS

Exploits0References1

OSV•added 2026/05/28 10:16 p.m.•7 views

DEBIAN-CVE-2026-44973

8.1CVSS5.8AI score0.0031EPSS

Exploits0References1

OSV•added 2026/05/28 10:16 p.m.•8 views

UBUNTU-CVE-2026-44973

8.1CVSS5.8AI score0.0031EPSS

Exploits0References3

CVE•added 2026/05/28 9:26 p.m.•21 views

CVE-2026-44973

CVE-2026-44973 affects go-billy, an interface filesystem abstraction for Go. Prior to 5.9.0, multiple path traversal issues enabled by insufficient path sanitization and boundary enforcement could let crafted paths (e.g., using ..) escape base directories across various components. Impact could r...

8.1CVSS5.8AI score0.0031EPSS

Exploits0References1

Vulnrichment•added 2026/05/28 9:26 p.m.•11 views

CVE-2026-44973 Billy: Path traversal vulnerabilities

8.1CVSS5.8AI score0.0031EPSS

Exploits0References1

EUVD•added 2026/05/28 9:26 p.m.•6 views

EUVD-2026-33071

8.1CVSS5.8AI score0.0031EPSS

Exploits0References1

Cvelist•added 2026/05/28 9:26 p.m.•30 views

CVE-2026-44973 Billy: Path traversal vulnerabilities

8.1CVSS0.0031EPSS

Exploits0References1

Debian CVE•added 2026/05/28 9:26 p.m.•7 views

CVE-2026-44973

8.1CVSS5.8AI score0.0031EPSS

Exploits0

CNNVD•added 2026/05/28 12:0 a.m.•6 views

go-billy 路径遍历漏洞

Go-Billy is an open-source file system abstraction library developed by go-git. Versions of Go-Billy prior to 5.9.0 contained a path traversal vulnerability. This vulnerability stemmed from path traversal issues in multiple components. Insufficient path cleaning and boundary enforcement may lead ...

8.1CVSS5.8AI score0.0031EPSS

Exploits0References1

Github Security Blog•added 2026/05/14 6:25 p.m.•9 views

go-billy has path traversal vulnerabilities

Impact Multiple path traversal issues exist across different components of go-billy. Insufficient path sanitization and boundary enforcement may allow crafted paths e.g., using .. to escape intended base directories. While go-billy was not originally designed to provide a strong security boundary...

8.1CVSS5.8AI score0.0031EPSS

Exploits0References5Affected Software2

OSV•added 2026/05/14 6:25 p.m.•5 views

GHSA-QW64-3X98-G7Q2 go-billy has path traversal vulnerabilities

8.1CVSS5.8AI score0.0031EPSS

Exploits0References5

Positive Technologies•added 2026/05/14 12:0 a.m.•9 views

PT-2026-41151

Name of the Vulnerable Software and Affected Versions go-billy versions prior to 5.9.0 Description Multiple path traversal issues exist across different components of the software due to insufficient path sanitization and boundary enforcement. This allows crafted paths, such as those using .., to...

9.8CVSS5.8AI score0.01027EPSS

Exploits0References66

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by