Package impact
GO / github.com/openziti/zrok
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42275 | high | 8.7 | 8.7 | 22d ago | zrok: WebDAV drive backend follows symlinks outside DriveRoot, enabling host filesystem read/write | |||
| CVE-2026-45576 | high | — | 8.0 | 10d ago | zrok copy writes attacker-controlled WebDAV paths outside the destination root |